From c6fd23a854f61bf4853ea87ddf80addfe0ba35ba Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:19:10 +0900 Subject: [PATCH 01/79] =?UTF-8?q?[RENAME]=20getClaim=EC=9C=BC=EB=A1=9C=20r?= =?UTF-8?q?ename?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit JWT를 parsing하여 claim 부분을 반환하는 메서드이기 때문에 적절한 메서드명으로 rename --- .../org/websoso/WSSServer/config/jwt/JwtProvider.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index d1a05c75..da18da60 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -57,7 +57,7 @@ private SecretKey getSigningKey() { public JwtValidationType validateToken(String token) { try { - final Claims claims = getBody(token); + final Claims claims = getClaim(token); return JwtValidationType.VALID_TOKEN; } catch (MalformedJwtException ex) { return JwtValidationType.INVALID_TOKEN; @@ -70,7 +70,7 @@ public JwtValidationType validateToken(String token) { } } - private Claims getBody(final String token) { + private Claims getClaim(final String token) { return Jwts.parserBuilder() .setSigningKey(getSigningKey()) .build() @@ -79,8 +79,8 @@ private Claims getBody(final String token) { } public Long getUserFromJwt(String token) { - Claims claims = getBody(token); + Claims claims = getClaim(token); return Long.valueOf(claims.get(USER_ID).toString()); } -} \ No newline at end of file +} From 73132e46aa91a93d626c95cc00bac2d555429d48 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:20:13 +0900 Subject: [PATCH 02/79] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20=EC=A3=BC=EC=84=9D=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/config/jwt/JwtProvider.java | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index da18da60..89c6dbc3 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -22,14 +22,13 @@ public class JwtProvider { private static final String USER_ID = "userId"; - private static final Long TOKEN_EXPIRATION_TIME = 6 * 30 * 24 * 60 * 60 * 1000L; // 6개월 + private static final Long TOKEN_EXPIRATION_TIME = 6 * 30 * 24 * 60 * 60 * 1000L; @Value("${jwt.secret}") private String JWT_SECRET; @PostConstruct protected void init() { - //base64 라이브러리에서 encodeToString을 이용해서 byte[] 형식을 String 형식으로 변환 JWT_SECRET = Base64.getEncoder().encodeToString(JWT_SECRET.getBytes(StandardCharsets.UTF_8)); } 
@@ -38,21 +37,21 @@ public String generateToken(Authentication authentication) { final Claims claims = Jwts.claims() .setIssuedAt(now) - .setExpiration(new Date(now.getTime() + TOKEN_EXPIRATION_TIME)); // 만료 시간 + .setExpiration(new Date(now.getTime() + TOKEN_EXPIRATION_TIME)); claims.put(USER_ID, authentication.getPrincipal()); return Jwts.builder() - .setHeaderParam(Header.TYPE, Header.JWT_TYPE) // Header - .setClaims(claims) // Claim - .signWith(getSigningKey()) // Signature + .setHeaderParam(Header.TYPE, Header.JWT_TYPE) + .setClaims(claims) + .signWith(getSigningKey()) .compact(); } private SecretKey getSigningKey() { - String encodedKey = Base64.getEncoder().encodeToString(JWT_SECRET.getBytes()); //SecretKey 통해 서명 생성 + String encodedKey = Base64.getEncoder().encodeToString(JWT_SECRET.getBytes()); return Keys.hmacShaKeyFor( - encodedKey.getBytes()); //일반적으로 HMAC (Hash-based Message Authentication Code) 알고리즘 사용 + encodedKey.getBytes()); } public JwtValidationType validateToken(String token) { From 8ce94876d98bd158f6b2f570b1474c9acc44b625 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:23:03 +0900 Subject: [PATCH 03/79] [RENAME] from generateToken to generateJWT --- src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 2 +- .../WSSServer/oauth2/CustomAuthenticationSuccessHandler.java | 2 +- src/main/java/org/websoso/WSSServer/service/UserService.java | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 89c6dbc3..881b7f3f 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java 
@@ -32,7 +32,7 @@ protected void init() { JWT_SECRET = Base64.getEncoder().encodeToString(JWT_SECRET.getBytes(StandardCharsets.UTF_8)); } - public String generateToken(Authentication authentication) { + public String generateJWT(Authentication authentication) { final Date now = new Date(); final Claims claims = Jwts.claims() diff --git a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java index 20c90c93..8c6f3224 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java @@ -28,7 +28,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, String socialId = customOAuth2UserDetails.getName(); User user = userRepository.findBySocialId(socialId); UserAuthentication userAuthentication = new UserAuthentication(user.getUserId(), null, null); - String token = jwtProvider.generateToken(userAuthentication); + String token = jwtProvider.generateJWT(userAuthentication); response.setContentType("application/json"); response.setStatus(HttpServletResponse.SC_OK); diff --git a/src/main/java/org/websoso/WSSServer/service/UserService.java b/src/main/java/org/websoso/WSSServer/service/UserService.java index 1ee819dd..3fed1f09 100644 --- a/src/main/java/org/websoso/WSSServer/service/UserService.java +++ b/src/main/java/org/websoso/WSSServer/service/UserService.java @@ -65,7 +65,7 @@ public LoginResponse login(Long userId) { User user = getUserOrException(userId); UserAuthentication userAuthentication = new UserAuthentication(user.getUserId(), null, null); - String token = jwtProvider.generateToken(userAuthentication); + String token = jwtProvider.generateJWT(userAuthentication); return LoginResponse.of(token); } From 4bb0ea5fb06519e50b271c903d017966635318ca Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:23:30 +0900 Subject: [PATCH 04/79] [RENAME] from JWT_SECRET to JWT_SECRET_KEY --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 881b7f3f..c31e2621 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -25,11 +25,11 @@ public class JwtProvider { private static final Long TOKEN_EXPIRATION_TIME = 6 * 30 * 24 * 60 * 60 * 1000L; @Value("${jwt.secret}") - private String JWT_SECRET; + private String JWT_SECRET_KEY; @PostConstruct protected void init() { - JWT_SECRET = Base64.getEncoder().encodeToString(JWT_SECRET.getBytes(StandardCharsets.UTF_8)); + JWT_SECRET_KEY = Base64.getEncoder().encodeToString(JWT_SECRET_KEY.getBytes(StandardCharsets.UTF_8)); } public String generateJWT(Authentication authentication) { @@ -49,7 +49,7 @@ public String generateJWT(Authentication authentication) { } private SecretKey getSigningKey() { - String encodedKey = Base64.getEncoder().encodeToString(JWT_SECRET.getBytes()); + String encodedKey = Base64.getEncoder().encodeToString(JWT_SECRET_KEY.getBytes()); return Keys.hmacShaKeyFor( encodedKey.getBytes()); } From e2bc2d3fabc9f5a286724f52feadd371eb977244 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:27:42 +0900 Subject: [PATCH 05/79] =?UTF-8?q?[REFACTOR]=20generateJWT=20=EB=A9=94?= =?UTF-8?q?=EC=84=9C=EB=93=9C=EC=97=90=EC=84=9C=20claim=20=EC=83=9D?= =?UTF-8?q?=EC=84=B1=20=EC=B1=85=EC=9E=84=20=EB=B6=84=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/config/jwt/JwtProvider.java | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index c31e2621..2e47ea63 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -33,21 +33,22 @@ protected void init() { } public String generateJWT(Authentication authentication) { - final Date now = new Date(); - - final Claims claims = Jwts.claims() - .setIssuedAt(now) - .setExpiration(new Date(now.getTime() + TOKEN_EXPIRATION_TIME)); - - claims.put(USER_ID, authentication.getPrincipal()); - return Jwts.builder() .setHeaderParam(Header.TYPE, Header.JWT_TYPE) - .setClaims(claims) + .setClaims(generateClaims(authentication)) .signWith(getSigningKey()) .compact(); } + private Claims generateClaims(Authentication authentication) { + final Claims claims = Jwts.claims() + .setIssuedAt(new Date(System.currentTimeMillis())) + .setExpiration(new Date(System.currentTimeMillis() + TOKEN_EXPIRATION_TIME)); + claims.put(USER_ID, authentication.getPrincipal()); + + return claims; + } + private SecretKey getSigningKey() { String encodedKey = Base64.getEncoder().encodeToString(JWT_SECRET_KEY.getBytes()); return Keys.hmacShaKeyFor( From 1af15cc48d30a44fe6d21844a70567c8a2d5cfa3 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:30:01 +0900 Subject: [PATCH 06/79] =?UTF-8?q?[FIX]=20signature=20algorithm=20=EB=AA=85?= =?UTF-8?q?=EC=8B=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit HS256을 명시적으로 지정하여 사용, secret key의 길이에 따라 선택되는 알고리즘이 달라지는 현상 방지 --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 2e47ea63..83bd04ec 100644 
--- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -5,6 +5,7 @@ import io.jsonwebtoken.Header; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.SignatureAlgorithm; import io.jsonwebtoken.UnsupportedJwtException; import io.jsonwebtoken.security.Keys; import jakarta.annotation.PostConstruct; @@ -36,7 +37,7 @@ public String generateJWT(Authentication authentication) { return Jwts.builder() .setHeaderParam(Header.TYPE, Header.JWT_TYPE) .setClaims(generateClaims(authentication)) - .signWith(getSigningKey()) + .signWith(getSigningKey(), SignatureAlgorithm.HS256) .compact(); } From cfb89c0d0c4a67c005c71e844cc9bc48ecfea44f Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:31:20 +0900 Subject: [PATCH 07/79] [RENAME] from getUserFromJwt to getUserIdFromJwt MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit userId를 return하는 메서드이기때문에 역할에 맞는 메서드명으로 rename --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 4 ++-- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 37a6d804..087fadde 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java 
@@ -32,7 +32,7 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, try { final String token = getJwtFromRequest(request); if (jwtProvider.validateToken(token) == VALID_TOKEN) { - Long memberId = jwtProvider.getUserFromJwt(token); + Long memberId = jwtProvider.getUserIdFromJwt(token); // authentication 객체 생성 -> principal에 유저정보를 담는다. UserAuthentication authentication = new UserAuthentication(memberId.toString(), null, null); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); @@ -56,4 +56,4 @@ private String getJwtFromRequest(HttpServletRequest request) { } return null; } -} \ No newline at end of file +} diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 83bd04ec..edf75fda 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -79,7 +79,7 @@ private Claims getClaim(final String token) { .getBody(); } - public Long getUserFromJwt(String token) { + public Long getUserIdFromJwt(String token) { Claims claims = getClaim(token); return Long.valueOf(claims.get(USER_ID).toString()); } From 9f87ece7c010c18741ed819875fb6b09a78440b9 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:31:56 +0900 Subject: [PATCH 08/79] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20=EA=B0=9C=ED=96=89=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index edf75fda..4b9f91a1 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java 
+++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -52,8 +52,7 @@ private Claims generateClaims(Authentication authentication) { private SecretKey getSigningKey() { String encodedKey = Base64.getEncoder().encodeToString(JWT_SECRET_KEY.getBytes()); - return Keys.hmacShaKeyFor( - encodedKey.getBytes()); + return Keys.hmacShaKeyFor(encodedKey.getBytes()); } public JwtValidationType validateToken(String token) { From 4e503bf535cd7cb022cf39b9f060e3fc658e682c Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:34:27 +0900 Subject: [PATCH 09/79] =?UTF-8?q?[FIX]=20Base64=20=EC=9D=B8=EC=BD=94?= =?UTF-8?q?=EB=94=A9=20=EC=A4=91=EB=B3=B5=20=EC=9E=91=EC=97=85=20=EC=A0=9C?= =?UTF-8?q?=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PostConstruct를 통해 인코딩했음에도 다시 인코딩하는 중복 작업 제거 --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 4b9f91a1..2676999d 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -51,8 +51,7 @@ private Claims generateClaims(Authentication authentication) { } private SecretKey getSigningKey() { - String encodedKey = Base64.getEncoder().encodeToString(JWT_SECRET_KEY.getBytes()); - return Keys.hmacShaKeyFor(encodedKey.getBytes()); + return Keys.hmacShaKeyFor(JWT_SECRET_KEY.getBytes()); } public JwtValidationType validateToken(String token) { From db1bc1d9d81fad96be75517c6c05b197f3eb72a1 Mon Sep 17 00:00:00 2001 
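Review bot: `Keys.hmacShaKeyFor(JWT_SECRET_KEY.getBytes())` in getSigningKey still builds the HMAC key from the Base64 text that init() produces. The encoding adds length but no entropy, so a configured secret shorter than 32 bytes can pass jjwt's minimum key-length check once it is encoded. Removing the second encoding also changes the key bytes, so tokens signed before this commit will presumably stop verifying after deploy; the commit message should say so. The call uses the platform default charset while init() uses UTF-8; `return Keys.hmacShaKeyFor(JWT_SECRET_KEY.getBytes(StandardCharsets.UTF_8));` keeps the two consistent. Treating `jwt.secret` as a Base64-encoded random key and decoding it would let the length check measure real key material.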
From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:36:08 +0900 Subject: [PATCH 10/79] [RENAME] from validateToken to validateJWT --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 2 +- src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 087fadde..0d950a1e 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -31,7 +31,7 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull FilterChain filterChain) throws ServletException, IOException { try { final String token = getJwtFromRequest(request); - if (jwtProvider.validateToken(token) == VALID_TOKEN) { + if (jwtProvider.validateJWT(token) == VALID_TOKEN) { Long memberId = jwtProvider.getUserIdFromJwt(token); // authentication 객체 생성 -> principal에 유저정보를 담는다. UserAuthentication authentication = new UserAuthentication(memberId.toString(), null, null); diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 2676999d..bba9a036 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -54,7 +54,7 @@ private SecretKey getSigningKey() { return Keys.hmacShaKeyFor(JWT_SECRET_KEY.getBytes()); } - public JwtValidationType validateToken(String token) { + public JwtValidationType validateJWT(String token) { try { final Claims claims = getClaim(token); return JwtValidationType.VALID_TOKEN; From 85d801897df9c3629a458926b20a152ab79129a9 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:42:06 +0900 Subject: [PATCH 11/79] =?UTF-8?q?[REFACTOR]=20=EB=A9=94=EC=84=9C=EB=93=9C?= =?UTF-8?q?=20=EC=88=9C=EC=84=9C=20=EC=A1=B0=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/config/jwt/JwtProvider.java | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index bba9a036..1aed0666 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -54,6 +54,11 @@ private SecretKey getSigningKey() { return Keys.hmacShaKeyFor(JWT_SECRET_KEY.getBytes()); } + public Long getUserIdFromJwt(String token) { + Claims claims = getClaim(token); + return Long.valueOf(claims.get(USER_ID).toString()); + } + public JwtValidationType validateJWT(String token) { try { final Claims claims = getClaim(token); @@ -76,10 +81,4 @@ private Claims getClaim(final String token) { .parseClaimsJws(token) .getBody(); } - - public Long getUserIdFromJwt(String token) { - Claims claims = getClaim(token); - return Long.valueOf(claims.get(USER_ID).toString()); - } - } From 9fba9125dbd0f6c772cc31bb42f39f635926eb5c Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:43:13 +0900 Subject: [PATCH 12/79] =?UTF-8?q?[REFACTOR]=20=EC=97=AC=EB=9F=AC=EB=B2=88?= =?UTF-8?q?=20=ED=98=B8=EC=B6=9C=EB=90=98=EB=8A=94=20currentTimeMillis()?= =?UTF-8?q?=20=EB=B3=80=EC=88=98=EB=A1=9C=20=EC=B6=94=EC=B6=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 1aed0666..29a1ab91 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -42,9 +42,10 @@ public String generateJWT(Authentication authentication) { } private Claims generateClaims(Authentication authentication) { + long now = System.currentTimeMillis(); final Claims claims = Jwts.claims() - .setIssuedAt(new Date(System.currentTimeMillis())) - .setExpiration(new Date(System.currentTimeMillis() + TOKEN_EXPIRATION_TIME)); + .setIssuedAt(new Date(now)) + .setExpiration(new Date(now + TOKEN_EXPIRATION_TIME)); claims.put(USER_ID, authentication.getPrincipal()); return claims; From 842ceaeebd9468cfcbcddd74f14ed3dadee9eedf Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 7 Sep 2024 23:44:42 +0900 Subject: [PATCH 13/79] =?UTF-8?q?[RENAME]=20=EB=B6=88=EB=AA=85=ED=99=95?= =?UTF-8?q?=ED=95=9C=20USER=5FID=EB=A5=BC=20CLAIM=5FUSER=5FID=EB=A1=9C=20r?= =?UTF-8?q?ename?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 29a1ab91..11981a00 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -22,7 +22,7 @@ @RequiredArgsConstructor public class JwtProvider { - private static final String USER_ID = "userId"; + private static final String CLAIM_USER_ID = "userId"; private static final Long TOKEN_EXPIRATION_TIME = 6 * 30 * 24 * 60 * 60 * 1000L; @Value("${jwt.secret}") 
@@ -46,7 +46,7 @@ private Claims generateClaims(Authentication authentication) { final Claims claims = Jwts.claims() .setIssuedAt(new Date(now)) .setExpiration(new Date(now + TOKEN_EXPIRATION_TIME)); - claims.put(USER_ID, authentication.getPrincipal()); + claims.put(CLAIM_USER_ID, authentication.getPrincipal()); return claims; } @@ -57,7 +57,7 @@ private SecretKey getSigningKey() { public Long getUserIdFromJwt(String token) { Claims claims = getClaim(token); - return Long.valueOf(claims.get(USER_ID).toString()); + return Long.valueOf(claims.get(CLAIM_USER_ID).toString()); } public JwtValidationType validateJWT(String token) { From 203e2c4e1a47c917fd3cfcb0dbc435d3288f7d2e Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 8 Sep 2024 15:46:40 +0900 Subject: [PATCH 14/79] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20=EC=A3=BC=EC=84=9D=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 0d950a1e..ad471a03 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -33,7 +33,6 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, final String token = getJwtFromRequest(request); if (jwtProvider.validateJWT(token) == VALID_TOKEN) { Long memberId = jwtProvider.getUserIdFromJwt(token); - // authentication 객체 생성 -> principal에 유저정보를 담는다. UserAuthentication authentication = new UserAuthentication(memberId.toString(), null, null); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authentication); 
@@ -45,7 +44,6 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, throw new RuntimeException(e); } } - // 다음 필터로 요청 전달 filterChain.doFilter(request, response); } From e4c1f10fa44026e43c7e82f144a95dd095e41669 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 8 Sep 2024 16:04:08 +0900 Subject: [PATCH 15/79] =?UTF-8?q?[REFACTOR]=20access=20token=20=EB=A7=8C?= =?UTF-8?q?=EB=A3=8C=EC=8B=9C=EA=B0=84=20yml=20=ED=86=B5=ED=95=B4=EC=84=9C?= =?UTF-8?q?=20=EC=A3=BC=EC=9E=85=EB=B0=9B=EB=8A=94=20=EB=B0=A9=EC=8B=9D?= =?UTF-8?q?=EC=9C=BC=EB=A1=9C=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 11981a00..6adc3f5a 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -23,11 +23,13 @@ public class JwtProvider { private static final String CLAIM_USER_ID = "userId"; - private static final Long TOKEN_EXPIRATION_TIME = 6 * 30 * 24 * 60 * 60 * 1000L; @Value("${jwt.secret}") private String JWT_SECRET_KEY; + @Value("${jwt.expiration-time.access-token}") + private Long ACCESS_TOKEN_EXPIRATION_TIME; + @PostConstruct protected void init() { JWT_SECRET_KEY = Base64.getEncoder().encodeToString(JWT_SECRET_KEY.getBytes(StandardCharsets.UTF_8)); From ea033804e7311bf126fb0a9efdf22b8f5f62dd8f Mon Sep 17 00:00:00 2001 
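Review bot: `ACCESS_TOKEN_EXPIRATION_TIME` is now injected from `jwt.expiration-time.access-token` with no unit stated and no bounds check, so a value given in seconds, or a zero or negative value, silently yields tokens that are far too short-lived or already expired. A comment such as `// milliseconds, like the constant it replaces` on the field and a guard in init() such as `if (ACCESS_TOKEN_EXPIRATION_TIME <= 0) throw new IllegalStateException("jwt.expiration-time.access-token must be positive");` would catch this at startup. The same applies to `REFRESH_TOKEN_EXPIRATION_TIME`, added in the following patch. This hunk also deletes `TOKEN_EXPIRATION_TIME` while a later patch in the series still removes a `now + TOKEN_EXPIRATION_TIME` line, so the class appears not to compile between these commits. The class body continues outside the hunk.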
From: Kim-TaeUk Date: Sun, 8 Sep 2024 16:04:41 +0900 Subject: [PATCH 16/79] =?UTF-8?q?[FEAT]=20refresh=20token=20=EB=A7=8C?= =?UTF-8?q?=EB=A3=8C=EC=8B=9C=EA=B0=84=20yml=20=ED=86=B5=ED=95=B4=EC=84=9C?= =?UTF-8?q?=20=EC=A3=BC=EC=9E=85=EB=B0=9B=EB=8A=94=20=EB=B0=A9=EC=8B=9D?= =?UTF-8?q?=EC=9C=BC=EB=A1=9C=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 6adc3f5a..c873a8e3 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -30,6 +30,9 @@ public class JwtProvider { @Value("${jwt.expiration-time.access-token}") private Long ACCESS_TOKEN_EXPIRATION_TIME; + @Value("${jwt.expiration-time.refresh-token}") + private Long REFRESH_TOKEN_EXPIRATION_TIME; + @PostConstruct protected void init() { JWT_SECRET_KEY = Base64.getEncoder().encodeToString(JWT_SECRET_KEY.getBytes(StandardCharsets.UTF_8)); From 892633d69334142eb5fccc8614ea7f2dc1740dbb Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 8 Sep 2024 16:05:30 +0900 Subject: [PATCH 17/79] =?UTF-8?q?[FIX]=20generateJWT=EC=97=90=EC=84=9C=20e?= =?UTF-8?q?xpirationTime=EC=9D=84=20=EC=99=B8=EB=B6=80=EC=97=90=EC=84=9C?= =?UTF-8?q?=20=EC=9E=85=EB=A0=A5=20=EB=B0=9B=EB=8F=84=EB=A1=9D=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index c873a8e3..7e7c0d38 100644 
--- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -39,18 +39,19 @@ protected void init() { } public String generateJWT(Authentication authentication) { + public String generateJWT(Authentication authentication, Long expirationTime) { return Jwts.builder() .setHeaderParam(Header.TYPE, Header.JWT_TYPE) - .setClaims(generateClaims(authentication)) + .setClaims(generateClaims(authentication, expirationTime)) .signWith(getSigningKey(), SignatureAlgorithm.HS256) .compact(); } - private Claims generateClaims(Authentication authentication) { + private Claims generateClaims(Authentication authentication, Long expirationTime) { long now = System.currentTimeMillis(); final Claims claims = Jwts.claims() .setIssuedAt(new Date(now)) - .setExpiration(new Date(now + TOKEN_EXPIRATION_TIME)); + .setExpiration(new Date(now + expirationTime)); claims.put(CLAIM_USER_ID, authentication.getPrincipal()); return claims; From b4018f17994ae447c647683de364149c679ae576 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 8 Sep 2024 16:07:53 +0900 Subject: [PATCH 18/79] =?UTF-8?q?[FEAT]=20=ED=86=A0=ED=81=B0=EC=97=90=20?= =?UTF-8?q?=EB=94=B0=EB=A5=B8=20=EC=84=B8=EB=B6=80=20=EA=B5=AC=ED=98=84=20?= =?UTF-8?q?=EB=A9=94=EC=84=9C=EB=93=9C=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 템플릿 메서드 패턴을 통해 공통 로직은 generateJWT에서 정의, 만료 시간(세부 구현)은 generateAccessToken와 generateRefreshToken에 위임 --- .../org/websoso/WSSServer/config/jwt/JwtProvider.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 7e7c0d38..4b174f71 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java 
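Review bot: The old header `public String generateJWT(Authentication authentication) {` stays as a context line directly above the added two-argument header, so on the new side one method declaration opens inside another and the class does not compile at this commit; the old line should have been removed in this patch rather than the next one. The new overload is `public` and takes the lifetime as a caller-supplied `Long`, so any caller can request a token with an arbitrary expiry, and a null argument fails on unboxing in `now + expirationTime`. Once the access/refresh wrappers exist, `private String generateJWT(Authentication authentication, long expirationTime)` keeps the lifetime decision inside JwtProvider.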
@@ -38,7 +38,14 @@ protected void init() { JWT_SECRET_KEY = Base64.getEncoder().encodeToString(JWT_SECRET_KEY.getBytes(StandardCharsets.UTF_8)); } - public String generateJWT(Authentication authentication) { + public String generateAccessToken(Authentication authentication) { + return generateJWT(authentication, ACCESS_TOKEN_EXPIRATION_TIME); + } + + public String generateRefreshToken(Authentication authentication) { + return generateJWT(authentication, REFRESH_TOKEN_EXPIRATION_TIME); + } + public String generateJWT(Authentication authentication, Long expirationTime) { return Jwts.builder() .setHeaderParam(Header.TYPE, Header.JWT_TYPE) From e07d2ec14118ab9c57acc6222403231f2a0f165b Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 8 Sep 2024 16:08:55 +0900 Subject: [PATCH 19/79] =?UTF-8?q?[FIX]=20=EC=9D=91=EB=8B=B5=EC=9C=BC?= =?UTF-8?q?=EB=A1=9C=20=EB=82=B4=EB=A0=A4=EC=A3=BC=EB=8A=94=20JWT=20?= =?UTF-8?q?=ED=94=84=EB=A1=9C=ED=8D=BC=ED=8B=B0=20=ED=82=A4=20=EC=9D=B4?= =?UTF-8?q?=EB=A6=84=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit from authorization to Authorization --- .../WSSServer/oauth2/CustomAuthenticationSuccessHandler.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java index 8c6f3224..f5a5b588 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java @@ -32,6 +32,6 @@ public void onAuthenticationSuccess(HttpServletRequest request, response.setContentType("application/json"); response.setStatus(HttpServletResponse.SC_OK); - response.getWriter().write("{\"authorization\": \"" + token + "\"}"); + response.getWriter().write("{\"Authorization\": \"" + token + "\"}"); } } 
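Review bot: generateAccessToken and generateRefreshToken produce tokens that differ only in `exp`, because both go through generateJWT with the same claims and the same signing key, so nothing in the token says which kind it is. As far as the visible code shows, validateJWT only checks that the token parses and verifies, so a refresh token sent as a bearer credential would be accepted as an access token for the whole refresh lifetime. Adding a type claim when the claims are built (for example `claims.put("tokenType", "refresh")`, a name constructed for this note) and rejecting the wrong type in the authentication filter and in the refresh path would separate the two. generateJWT itself remains `public` here; making it `private` would stop callers from choosing their own expiry.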
From 161fb874750a085f6cc5c6d7d3a5d28a7383cd37 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 8 Sep 2024 16:12:32 +0900 Subject: [PATCH 20/79] =?UTF-8?q?[FIX]=20access=20token=20=EB=B0=9C?= =?UTF-8?q?=EA=B8=89=20=EB=A9=94=EC=84=9C=EB=93=9C=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit from generateJWT to generateAccessToken --- .../WSSServer/oauth2/CustomAuthenticationSuccessHandler.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java index f5a5b588..879811d1 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java @@ -28,7 +28,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, String socialId = customOAuth2UserDetails.getName(); User user = userRepository.findBySocialId(socialId); UserAuthentication userAuthentication = new UserAuthentication(user.getUserId(), null, null); - String token = jwtProvider.generateJWT(userAuthentication); + String token = jwtProvider.generateAccessToken(userAuthentication); response.setContentType("application/json"); response.setStatus(HttpServletResponse.SC_OK); From 3a4485b8195eb277db82da1836ba605d58879b7b Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 8 Sep 2024 16:12:53 +0900 Subject: [PATCH 21/79] =?UTF-8?q?[RENAME]=20accessToken=EC=9C=BC=EB=A1=9C?= =?UTF-8?q?=20rename?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/oauth2/CustomAuthenticationSuccessHandler.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java index 879811d1..8571ee9c 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java @@ -28,10 +28,10 @@ public void onAuthenticationSuccess(HttpServletRequest request, String socialId = customOAuth2UserDetails.getName(); User user = userRepository.findBySocialId(socialId); UserAuthentication userAuthentication = new UserAuthentication(user.getUserId(), null, null); - String token = jwtProvider.generateAccessToken(userAuthentication); + String accessToken = jwtProvider.generateAccessToken(userAuthentication); response.setContentType("application/json"); response.setStatus(HttpServletResponse.SC_OK); - response.getWriter().write("{\"Authorization\": \"" + token + "\"}"); + response.getWriter().write("{\"Authorization\": \"" + accessToken + "\"}"); } } From 50c312b95f2db0eea282c01ebd7721eca626f3a7 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 8 Sep 2024 16:14:12 +0900 Subject: [PATCH 22/79] =?UTF-8?q?[FEAT]=20refreshToken=20=EB=B0=9C?= =?UTF-8?q?=EA=B8=89=20=EB=B0=8F=20=EC=9D=91=EB=8B=B5=EC=97=90=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/oauth2/CustomAuthenticationSuccessHandler.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java index 8571ee9c..edbfde64 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java 
@@ -29,9 +29,11 @@ public void onAuthenticationSuccess(HttpServletRequest request, User user = userRepository.findBySocialId(socialId); UserAuthentication userAuthentication = new UserAuthentication(user.getUserId(), null, null); String accessToken = jwtProvider.generateAccessToken(userAuthentication); + String refreshToken = jwtProvider.generateRefreshToken(userAuthentication); response.setContentType("application/json"); response.setStatus(HttpServletResponse.SC_OK); - response.getWriter().write("{\"Authorization\": \"" + accessToken + "\"}"); + response.getWriter() + .write("{\"Authorization\": \"" + accessToken + "\", \"refreshToken\": \"" + refreshToken + "\"}"); } } From cbb59d5a9c2ffdea6a96d24b0167911f8e465764 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 8 Sep 2024 16:14:46 +0900 Subject: [PATCH 23/79] =?UTF-8?q?[FIX]=20=EC=9E=84=EC=8B=9C=EB=A1=9C=20Use?= =?UTF-8?q?rService=EC=97=90=EC=84=9C=20=EC=97=91=EC=84=B8=EC=8A=A4=20?= =?UTF-8?q?=ED=86=A0=ED=81=B0=20=EB=B0=9C=EA=B8=89=20=EC=8B=9C=20=ED=98=B8?= =?UTF-8?q?=EC=B6=9C=ED=95=98=EB=8A=94=20=EB=A9=94=EC=84=9C=EB=93=9C=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/UserService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/service/UserService.java b/src/main/java/org/websoso/WSSServer/service/UserService.java index 3fed1f09..f90ca75e 100644 --- a/src/main/java/org/websoso/WSSServer/service/UserService.java +++ b/src/main/java/org/websoso/WSSServer/service/UserService.java 
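Review bot: The JSON written by `onAuthenticationSuccess` now carries a long-lived refresh token, yet the response sets no cache directive, so a browser or intermediary may store it. Add `response.setHeader("Cache-Control", "no-store");` before the body is written, as RFC 6749 section 5.1 requires for responses that contain tokens. The body is also assembled by string concatenation; serialising a small DTO through a JSON mapper would keep both fields correctly quoted if their contents ever change. The method starts outside the hunk.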
@@ -65,7 +65,7 @@ public LoginResponse login(Long userId) { User user = getUserOrException(userId); UserAuthentication userAuthentication = new UserAuthentication(user.getUserId(), null, null); - String token = jwtProvider.generateJWT(userAuthentication); + String token = jwtProvider.generateAccessToken(userAuthentication); return LoginResponse.of(token); } From d59ab2031af6c55ccae38dd4227182a13b224f47 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 11:27:22 +0900 Subject: [PATCH 24/79] =?UTF-8?q?[REFACTOR]=20JWT=20validation=20=EA=B2=B0?= =?UTF-8?q?=EA=B3=BC=20=EB=B3=80=EC=88=98=EB=A1=9C=20=EC=B6=94=EC=B6=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index ad471a03..320f16d5 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -31,7 +31,8 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull FilterChain filterChain) throws ServletException, IOException { try { final String token = getJwtFromRequest(request); - if (jwtProvider.validateJWT(token) == VALID_TOKEN) { + final JwtValidationType validationResult = jwtProvider.validateJWT(token); + if (validationResult == VALID_TOKEN) { Long memberId = jwtProvider.getUserIdFromJwt(token); UserAuthentication authentication = new UserAuthentication(memberId.toString(), null, null); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); From 3c31049ef5d3aa48c8dc886748d7a3a62ad5c803 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Mon, 9 Sep 2024 11:31:08 +0900 Subject: [PATCH 25/79] =?UTF-8?q?[FEAT]=20Access=20token=20=EB=A7=8C?= =?UTF-8?q?=EB=A3=8C=20=EC=8B=9C=20error=20response=20=EB=82=B4=EB=A0=A4?= =?UTF-8?q?=EC=A3=BC=EB=8A=94=20=EB=A1=9C=EC=A7=81=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 만료 시 filter chain은 중단: return; 401 UNAUTHORIZED, reissue 요구하는 message로 응답 --- .../WSSServer/config/jwt/JwtAuthenticationFilter.java | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 320f16d5..7173b688 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -1,5 +1,6 @@ package org.websoso.WSSServer.config.jwt; +import static org.websoso.WSSServer.config.jwt.JwtValidationType.EXPIRED_TOKEN; import static org.websoso.WSSServer.config.jwt.JwtValidationType.VALID_TOKEN; import jakarta.servlet.FilterChain; @@ -37,6 +38,9 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, UserAuthentication authentication = new UserAuthentication(memberId.toString(), null, null); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authentication); + } else if (validationResult == EXPIRED_TOKEN) { + handleExpiredAccessToken(request, response); + return; } } catch (Exception exception) { try { 
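Review bot: The new `EXPIRED_TOKEN` branch in `doFilterInternal` answers 401 and returns for every request that carries an expired token, including paths that need no authentication. If this filter also runs for the whitelisted paths in `SecurityConfig` (how the whitelist is applied is not visible here), a client that still attaches its expired access token when calling `/reissue` would be rejected before the controller runs and could never refresh. Consider skipping the short-circuit for whitelisted paths, or leaving the security context unauthenticated and letting the entry point produce the 401. The method body continues outside the hunk.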
@@ -55,4 +59,11 @@ private String getJwtFromRequest(HttpServletRequest request) { } return null; } + + private void handleExpiredAccessToken(HttpServletRequest request, + HttpServletResponse response) throws IOException { + response.setContentType("application/json"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + response.getWriter().write("{\"error\": \"Access Token Expired. Use Refresh Token to reissue.\"}"); + } } From 9ee9bde88a5f0056a9b3296c215718b0e56a2c3d Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 13:50:02 +0900 Subject: [PATCH 26/79] =?UTF-8?q?[STYLE]=20=ED=8C=8C=EC=9D=BC=20=EB=81=9D?= =?UTF-8?q?=20=EA=B0=9C=ED=96=89=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/config/jwt/CustomJwtAuthenticationEntryPoint.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/CustomJwtAuthenticationEntryPoint.java b/src/main/java/org/websoso/WSSServer/config/jwt/CustomJwtAuthenticationEntryPoint.java index 9ab56d17..5a208303 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/CustomJwtAuthenticationEntryPoint.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/CustomJwtAuthenticationEntryPoint.java @@ -19,4 +19,4 @@ private void setResponse(HttpServletResponse response) { response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); } -} \ No newline at end of file +} From e28d6d6cee9523da808b0c000341d348e61c967c Mon Sep 17 00:00:00 2001 
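Review bot: `handleExpiredAccessToken` in JwtAuthenticationFilter sends a bare 401, whereas RFC 6750 expects a challenge header on it, e.g. `response.setHeader("WWW-Authenticate", "Bearer error=\"invalid_token\", error_description=\"The access token expired\"");`. The `request` parameter is never used and can be dropped. The body's single `error` field also differs from the `code`/`description` pair that `CustomAuthError` defines later in this series, so clients may have to parse two error formats; worth confirming against the global exception handler, which is not visible here.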
From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:14:05 +0900 Subject: [PATCH 27/79] =?UTF-8?q?[FEAT]=20reissue=20=EC=97=94=EB=93=9C?= =?UTF-8?q?=ED=8F=AC=EC=9D=B8=ED=8A=B8=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/AuthController.java | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/controller/AuthController.java diff --git a/src/main/java/org/websoso/WSSServer/controller/AuthController.java b/src/main/java/org/websoso/WSSServer/controller/AuthController.java new file mode 100644 index 00000000..923de4ac --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/controller/AuthController.java @@ -0,0 +1,27 @@ +package org.websoso.WSSServer.controller; + +import static org.springframework.http.HttpStatus.OK; + +import lombok.RequiredArgsConstructor; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RestController; +import org.websoso.WSSServer.dto.auth.ReissueRequest; +import org.websoso.WSSServer.dto.auth.ReissueResponse; +import org.websoso.WSSServer.service.AuthService; + +@RestController +@RequiredArgsConstructor +public class AuthController { + + private final AuthService authService; + + @PostMapping("/reissue") + public ResponseEntity reissue(@RequestBody ReissueRequest reissueRequest) { + String refreshToken = reissueRequest.refreshToken(); + return ResponseEntity + .status(OK) + .body(authService.reissue(refreshToken)); + } +} From a1cf73503989d69d0405385da7c4f25eef594916 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:14:23 +0900 Subject: [PATCH 28/79] =?UTF-8?q?[FEAT]=20reissue=20=EC=9A=94=EC=B2=AD=20?= =?UTF-8?q?=EB=B0=8F=20=EC=9D=91=EB=8B=B5=20dto=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/dto/auth/ReissueRequest.java | 6 ++++++ .../websoso/WSSServer/dto/auth/ReissueResponse.java | 10 ++++++++++ 2 files changed, 16 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/dto/auth/ReissueRequest.java create mode 100644 src/main/java/org/websoso/WSSServer/dto/auth/ReissueResponse.java diff --git a/src/main/java/org/websoso/WSSServer/dto/auth/ReissueRequest.java b/src/main/java/org/websoso/WSSServer/dto/auth/ReissueRequest.java new file mode 100644 index 00000000..9e344972 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/dto/auth/ReissueRequest.java @@ -0,0 +1,6 @@ +package org.websoso.WSSServer.dto.auth; + +public record ReissueRequest( + String refreshToken +) { +} diff --git a/src/main/java/org/websoso/WSSServer/dto/auth/ReissueResponse.java b/src/main/java/org/websoso/WSSServer/dto/auth/ReissueResponse.java new file mode 100644 index 00000000..305a6cb6 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/dto/auth/ReissueResponse.java @@ -0,0 +1,10 @@ +package org.websoso.WSSServer.dto.auth; + +public record ReissueResponse( + String Authorization +) { + + public static ReissueResponse of(String accessToken) { + return new ReissueResponse(accessToken); + } +} From a4164d65c4d0048136801274aa0bf58f519e0377 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:15:11 +0900 Subject: [PATCH 29/79] =?UTF-8?q?[FEAT]=20service=20layer=EC=97=90?= =?UTF-8?q?=EC=84=9C=20valid=ED=95=9C=20refresh=20token=EC=9D=B8=20?= =?UTF-8?q?=EA=B2=BD=EC=9A=B0=20reissue=20=EB=A1=9C=EC=A7=81=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/service/AuthService.java | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/service/AuthService.java diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java new file mode 100644 index 00000000..6db6b20b --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -0,0 +1,28 @@ +package org.websoso.WSSServer.service; + +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; +import org.websoso.WSSServer.config.jwt.JwtProvider; +import org.websoso.WSSServer.config.jwt.JwtValidationType; +import org.websoso.WSSServer.config.jwt.UserAuthentication; +import org.websoso.WSSServer.dto.auth.ReissueResponse; + +@Service +@RequiredArgsConstructor +@Transactional(readOnly = true) +public class AuthService { + + private final JwtProvider jwtProvider; + + public ReissueResponse reissue(String refreshToken) { + JwtValidationType validationResult = jwtProvider.validateJWT(refreshToken); + + if (validationResult == JwtValidationType.VALID_TOKEN) { + Long userId = jwtProvider.getUserIdFromJwt(refreshToken); + UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); + String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); + return ReissueResponse.of(newAccessToken); + } + } +} From 071ffc8bb36d369c915477023f22341614c92830 Mon Sep 17 00:00:00 2001 
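Review bot: `reissue` mints a new access token from the `userId` claim alone and never checks that the account still exists or may still sign in, so a withdrawn or blocked user keeps obtaining tokens until the refresh token expires. Loading the user first, as `UserService.login` does with `getUserOrException(userId)`, would close that gap. As committed, the method also has no `return` or `throw` after the `if`, so this patch does not compile on its own; the final `throw` only arrives in PATCH 31/79.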
From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:15:41 +0900 Subject: [PATCH 30/79] =?UTF-8?q?[FEAT]=20expired=20refresh=20token?= =?UTF-8?q?=EC=9D=B8=20=EA=B2=BD=EC=9A=B0=20=EC=98=88=EC=99=B8=20=EB=A1=9C?= =?UTF-8?q?=EC=A7=81=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index 6db6b20b..b78586b1 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -1,5 +1,7 @@ package org.websoso.WSSServer.service; +import static org.websoso.WSSServer.exception.error.CustomAuthError.EXPIRED_REFRESH_TOKEN; + import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -7,6 +9,7 @@ import org.websoso.WSSServer.config.jwt.JwtValidationType; import org.websoso.WSSServer.config.jwt.UserAuthentication; import org.websoso.WSSServer.dto.auth.ReissueResponse; +import org.websoso.WSSServer.exception.exception.CustomAuthException; @Service @RequiredArgsConstructor @@ -23,6 +26,8 @@ public ReissueResponse reissue(String refreshToken) { UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); return ReissueResponse.of(newAccessToken); + } else if (validationResult == JwtValidationType.EXPIRED_TOKEN) { + throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); } } } From 9f69a22d1aeee61543d391be8ffbd413a88cbf39 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:15:53 +0900 Subject: [PATCH 31/79] =?UTF-8?q?[FEAT]=20invalid=20refresh=20token?= =?UTF-8?q?=EC=9D=B8=20=EA=B2=BD=EC=9A=B0=20=EC=98=88=EC=99=B8=20=EB=A1=9C?= =?UTF-8?q?=EC=A7=81=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index b78586b1..8f30baa2 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -1,6 +1,7 @@ package org.websoso.WSSServer.service; import static org.websoso.WSSServer.exception.error.CustomAuthError.EXPIRED_REFRESH_TOKEN; +import static org.websoso.WSSServer.exception.error.CustomAuthError.INVALID_TOKEN; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; @@ -29,5 +30,6 @@ public ReissueResponse reissue(String refreshToken) { } else if (validationResult == JwtValidationType.EXPIRED_TOKEN) { throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); } + throw new CustomAuthException(INVALID_TOKEN, "given token is invalid token."); } } From b0167fe09b0b686f3055bc293b4df839a2d39499 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:16:16 +0900 Subject: [PATCH 32/79] =?UTF-8?q?[FEAT]=20CustomAuthError=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 만료된 리프레시 토큰과 유효하지 않은 토큰 enum 추가 --- .../exception/error/CustomAuthError.java | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java 
diff --git a/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java new file mode 100644 index 00000000..080dc217 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java @@ -0,0 +1,21 @@ +package org.websoso.WSSServer.exception.error; + +import static org.springframework.http.HttpStatus.UNAUTHORIZED; + +import lombok.AllArgsConstructor; +import lombok.Getter; +import org.springframework.http.HttpStatus; +import org.websoso.WSSServer.exception.common.ICustomError; + +@Getter +@AllArgsConstructor +public enum CustomAuthError implements ICustomError { + + EXPIRED_REFRESH_TOKEN("AUTH-001", "만료된 리프레시 토큰입니다.", UNAUTHORIZED), + INVALID_TOKEN("AUTH-002", "유효하지 않은 토큰입니다.", UNAUTHORIZED); + + private final String code; + private final String description; + private final HttpStatus statusCode; +} + From a6d9f9e51e95b77d6904bf9811bb9a46c6ea581b Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:16:26 +0900 Subject: [PATCH 33/79] =?UTF-8?q?[FEAT]=20CustomAuthException=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../exception/exception/CustomAuthException.java | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/exception/exception/CustomAuthException.java diff --git a/src/main/java/org/websoso/WSSServer/exception/exception/CustomAuthException.java b/src/main/java/org/websoso/WSSServer/exception/exception/CustomAuthException.java new file mode 100644 index 00000000..f419c3ff --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/exception/exception/CustomAuthException.java 
@@ -0,0 +1,13 @@ +package org.websoso.WSSServer.exception.exception; + +import lombok.Getter; +import org.websoso.WSSServer.exception.common.AbstractCustomException; +import org.websoso.WSSServer.exception.error.CustomAuthError; + +@Getter +public class CustomAuthException extends AbstractCustomException { + + public CustomAuthException(CustomAuthError customAuthError, String message) { + super(customAuthError, message); + } +} From 5cdc83610e68d669dac16e2634f37133e7f2acff Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:16:58 +0900 Subject: [PATCH 34/79] =?UTF-8?q?[FEAT]=20=EC=9D=B8=EC=A6=9D=20=EC=A0=9C?= =?UTF-8?q?=EC=99=B8=20=EC=97=94=EB=93=9C=ED=8F=AC=EC=9D=B8=ED=8A=B8?= =?UTF-8?q?=EC=97=90=20/reissue=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/config/SecurityConfig.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/SecurityConfig.java b/src/main/java/org/websoso/WSSServer/config/SecurityConfig.java index d9c55dab..6ded0a18 100644 --- a/src/main/java/org/websoso/WSSServer/config/SecurityConfig.java +++ b/src/main/java/org/websoso/WSSServer/config/SecurityConfig.java @@ -41,7 +41,8 @@ public class SecurityConfig { "/feeds/popular", "/users/{userId}/feeds", "/users/profile/{userId}", - "/{userId}/preferences/genres" + "/{userId}/preferences/genres", + "/reissue" }; @Bean From 6779aefc0f3d06d052cbac7f5b9a7a73994eb3ad Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:33:08 +0900 Subject: [PATCH 35/79] =?UTF-8?q?[FIX]=20RTR(refresh=20token=20rotation)?= =?UTF-8?q?=EC=9D=84=20=EC=9C=84=ED=95=B4=20=EC=9D=91=EB=8B=B5=20dto?= =?UTF-8?q?=EC=97=90=20=ED=94=84=EB=A1=9C=ED=8D=BC=ED=8B=B0=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/dto/auth/ReissueResponse.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/dto/auth/ReissueResponse.java b/src/main/java/org/websoso/WSSServer/dto/auth/ReissueResponse.java index 305a6cb6..06525261 100644 --- a/src/main/java/org/websoso/WSSServer/dto/auth/ReissueResponse.java +++ b/src/main/java/org/websoso/WSSServer/dto/auth/ReissueResponse.java @@ -1,10 +1,11 @@ package org.websoso.WSSServer.dto.auth; public record ReissueResponse( - String Authorization + String Authorization, + String refreshToken ) { - public static ReissueResponse of(String accessToken) { - return new ReissueResponse(accessToken); + public static ReissueResponse of(String accessToken, String refreshToken) { + return new ReissueResponse(accessToken, refreshToken); } } From 3721ea86ea856290fd85d8207de7f83fc6fe5a5b Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 14:33:29 +0900 Subject: [PATCH 36/79] =?UTF-8?q?[FEAT]=20=EC=83=88=EB=A1=9C=EC=9A=B4=20re?= =?UTF-8?q?fresh=20token=20=EB=B0=9C=EA=B8=89=20=EB=A1=9C=EC=A7=81=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index 8f30baa2..078786fc 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java 
+++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -26,7 +26,8 @@ public ReissueResponse reissue(String refreshToken) { Long userId = jwtProvider.getUserIdFromJwt(refreshToken); UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); - return ReissueResponse.of(newAccessToken); + String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); + return ReissueResponse.of(newAccessToken, newRefreshToken); } else if (validationResult == JwtValidationType.EXPIRED_TOKEN) { throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); } From c742c558084802d3f6d0b983a58d574eeb9757c5 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 15:00:13 +0900 Subject: [PATCH 37/79] =?UTF-8?q?[FIX]=20jwt=20=EC=83=9D=EC=84=B1=20?= =?UTF-8?q?=EC=8B=9C=20claim=EC=97=90=20tokenType=EC=9D=84=20subject?= =?UTF-8?q?=EB=A1=9C=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/config/jwt/JwtProvider.java | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 4b174f71..4162f6ca 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java 
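Review bot: Issuing `newRefreshToken` here does not rotate anything, because the presented refresh token is never invalidated and remains usable until its own expiry. With purely stateless JWTs a leaked refresh token can therefore be replayed alongside the legitimate client, and each use yields another long-lived token. Rotation needs server-side state: persist an identifier for the current refresh token per user (for example a `jti` claim), reject any token whose identifier is not the stored one, and replace it on each reissue. The class is annotated `@Transactional(readOnly = true)`, so that write would need its own writable transaction.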
@@ -39,24 +39,25 @@ protected void init() { } public String generateAccessToken(Authentication authentication) { - return generateJWT(authentication, ACCESS_TOKEN_EXPIRATION_TIME); + return generateJWT(authentication, ACCESS_TOKEN_EXPIRATION_TIME, "access"); } public String generateRefreshToken(Authentication authentication) { - return generateJWT(authentication, REFRESH_TOKEN_EXPIRATION_TIME); + return generateJWT(authentication, REFRESH_TOKEN_EXPIRATION_TIME, "refresh"); } - public String generateJWT(Authentication authentication, Long expirationTime) { + public String generateJWT(Authentication authentication, Long expirationTime, String tokenType) { return Jwts.builder() .setHeaderParam(Header.TYPE, Header.JWT_TYPE) - .setClaims(generateClaims(authentication, expirationTime)) + .setClaims(generateClaims(authentication, expirationTime, tokenType)) .signWith(getSigningKey(), SignatureAlgorithm.HS256) .compact(); } - private Claims generateClaims(Authentication authentication, Long expirationTime) { + private Claims generateClaims(Authentication authentication, Long expirationTime, String tokenType) { long now = System.currentTimeMillis(); final Claims claims = Jwts.claims() + .setSubject(tokenType) .setIssuedAt(new Date(now)) .setExpiration(new Date(now + expirationTime)); claims.put(CLAIM_USER_ID, authentication.getPrincipal()); From e14326b1284aec75506a10a353f6eeb195094097 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 15:23:13 +0900 Subject: [PATCH 38/79] =?UTF-8?q?[FEAT]=20tokenType=20=ED=99=95=EC=9D=B8?= =?UTF-8?q?=20=EB=A9=94=EC=84=9C=EB=93=9C=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 4162f6ca..101197cc 100644 
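Review bot: `generateClaims` stores the token type in `sub`, which RFC 7519 defines as the principal the token is about, while the user id goes into a custom claim. Libraries and gateways that read `sub` as the user will see `access` or `refresh` instead; a dedicated claim such as `claims.put("tokenType", tokenType)`, with `setSubject` carrying the user id, would be more conventional. The literals `"access"` and `"refresh"` are also repeated as bare strings, so a shared constant or enum would stop a typo from silently breaking the type check. `generateJWT` is public and its signature changed, so any caller outside this file needs the third argument.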
--- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -96,4 +96,10 @@ private Claims getClaim(final String token) { .parseClaimsJws(token) .getBody(); } + + public String getTokenTypeFromJwt(String token) { + Claims claims = getClaim(token); + return claims.getSubject(); + } + } From 928b1cfd2ba9b9a0918b3c0fbc057956e4b87ccd Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 15:23:49 +0900 Subject: [PATCH 39/79] =?UTF-8?q?[FEAT]=20reissue=EC=8B=9C,=20tokenType=20?= =?UTF-8?q?=ED=99=95=EC=9D=B8=20=EB=A1=9C=EC=A7=81=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit refresh type이 아닐 경우 INVALID_TOKEN으로 처리 --- .../WSSServer/service/AuthService.java | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index 078786fc..04804e45 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java 
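Review bot: `getTokenTypeFromJwt` is added for the reissue path only; the `JwtAuthenticationFilter` hunks in this series still authenticate any token for which `validateJWT` returns `VALID_TOKEN`, so a refresh token would be accepted as a bearer credential on ordinary API calls for its whole lifetime. The filter should also require `"access".equals(jwtProvider.getTokenTypeFromJwt(token))` before it sets the authentication. A short Javadoc stating that this method propagates the parser's exceptions for expired or malformed tokens would tell callers to validate first.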
@@ -21,15 +21,17 @@ public class AuthService { public ReissueResponse reissue(String refreshToken) { JwtValidationType validationResult = jwtProvider.validateJWT(refreshToken); - - if (validationResult == JwtValidationType.VALID_TOKEN) { - Long userId = jwtProvider.getUserIdFromJwt(refreshToken); - UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); - String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); - String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); - return ReissueResponse.of(newAccessToken, newRefreshToken); - } else if (validationResult == JwtValidationType.EXPIRED_TOKEN) { - throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); + String tokenType = jwtProvider.getTokenTypeFromJwt(refreshToken); + if ("refresh".equals(tokenType)) { + if (validationResult == JwtValidationType.VALID_TOKEN) { + Long userId = jwtProvider.getUserIdFromJwt(refreshToken); + UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); + String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); + String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); + return ReissueResponse.of(newAccessToken, newRefreshToken); + } else if (validationResult == JwtValidationType.EXPIRED_TOKEN) { + throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); + } } throw new CustomAuthException(INVALID_TOKEN, "given token is invalid token."); } From 1faf2d397a712209a16ae7ffc67bc83c431bec8f Mon Sep 17 00:00:00 2001 
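Review bot: `getTokenTypeFromJwt(refreshToken)` is called before `validationResult` is inspected, and it parses the token again through `getClaim`, which throws for an expired, malformed or empty token. The `EXPIRED_TOKEN` branch is therefore unreachable: an expired refresh token surfaces as an uncaught `ExpiredJwtException` instead of `EXPIRED_REFRESH_TOKEN`, and a malformed one never reaches the `INVALID_TOKEN` throw. Read the type only after validation has succeeded, as sketched below.

```java
public ReissueResponse reissue(String refreshToken) {
    JwtValidationType validationResult = jwtProvider.validateJWT(refreshToken);
    if (validationResult == JwtValidationType.EXPIRED_TOKEN) {
        throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token.");
    }
    // Claims are read only once the signature and expiry checks have passed.
    if (validationResult == JwtValidationType.VALID_TOKEN
            && "refresh".equals(jwtProvider.getTokenTypeFromJwt(refreshToken))) {
        // … unchanged: build UserAuthentication, issue access and refresh tokens, return ReissueResponse …
    }
    throw new CustomAuthException(INVALID_TOKEN, "given token is invalid token.");
}
```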
From: Kim-TaeUk Date: Mon, 9 Sep 2024 16:04:27 +0900 Subject: [PATCH 40/79] =?UTF-8?q?[REMOVE]=20JwtProvider=EC=97=90=EC=84=9C?= =?UTF-8?q?=20=ED=86=A0=ED=81=B0=20=EA=B2=80=EC=A6=9D=20=EB=B0=8F=20?= =?UTF-8?q?=EC=A0=95=EB=B3=B4=20=EC=B6=94=EC=B6=9C=20=EB=A1=9C=EC=A7=81=20?= =?UTF-8?q?=EC=82=AD=EC=A0=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit JwtProvider는 토큰 생성 책임만 가짐 --- .../WSSServer/config/jwt/JwtProvider.java | 37 ------------------- 1 file changed, 37 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 101197cc..39f33c97 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -1,12 +1,9 @@ package org.websoso.WSSServer.config.jwt; import io.jsonwebtoken.Claims; -import io.jsonwebtoken.ExpiredJwtException; import io.jsonwebtoken.Header; import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.MalformedJwtException; import io.jsonwebtoken.SignatureAlgorithm; -import io.jsonwebtoken.UnsupportedJwtException; import io.jsonwebtoken.security.Keys; import jakarta.annotation.PostConstruct; import java.nio.charset.StandardCharsets; 
@@ -68,38 +65,4 @@ private Claims generateClaims(Authentication authentication, Long expirationTime private SecretKey getSigningKey() { return Keys.hmacShaKeyFor(JWT_SECRET_KEY.getBytes()); } - - public Long getUserIdFromJwt(String token) { - Claims claims = getClaim(token); - return Long.valueOf(claims.get(CLAIM_USER_ID).toString()); - } - - public JwtValidationType validateJWT(String token) { - try { - final Claims claims = getClaim(token); - return JwtValidationType.VALID_TOKEN; - } catch (MalformedJwtException ex) { - return JwtValidationType.INVALID_TOKEN; - } catch (ExpiredJwtException ex) { - return JwtValidationType.EXPIRED_TOKEN; - } catch (UnsupportedJwtException ex) { - return JwtValidationType.UNSUPPORTED_TOKEN; - } catch (IllegalArgumentException ex) { - return JwtValidationType.EMPTY_TOKEN; - } - } - - private Claims getClaim(final String token) { - return Jwts.parserBuilder() - .setSigningKey(getSigningKey()) - .build() - .parseClaimsJws(token) - .getBody(); - } - - public String getTokenTypeFromJwt(String token) { - Claims claims = getClaim(token); - return claims.getSubject(); - } - } From ab181b732a10bff8bca6e021e4db70517fc37265 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 16:06:18 +0900 Subject: [PATCH 41/79] =?UTF-8?q?[FEAT]=20JwtProvider=EC=97=90=EC=84=9C=20?= =?UTF-8?q?=EC=82=AD=EC=A0=9C=ED=95=9C=20=ED=86=A0=ED=81=B0=20=EA=B2=80?= =?UTF-8?q?=EC=A6=9D=20=EB=B0=8F=20=EC=A0=95=EB=B3=B4=20=EC=B6=94=EC=B6=9C?= =?UTF-8?q?=20=EB=A1=9C=EC=A7=81=20=EC=B1=85=EC=9E=84=EC=9D=84=20=EA=B0=96?= =?UTF-8?q?=EB=8A=94=20JWTUtil=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit JwtProvider를 의존성 주입 받음 --- .../websoso/WSSServer/config/jwt/JWTUtil.java | 51 +++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java 
diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java new file mode 100644 index 00000000..ec0ebd3e --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java @@ -0,0 +1,51 @@ +package org.websoso.WSSServer.config.jwt; + +import static org.websoso.WSSServer.config.jwt.JwtProvider.CLAIM_USER_ID; + +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.ExpiredJwtException; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.UnsupportedJwtException; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Component; + +@Component +@RequiredArgsConstructor +public class JWTUtil { + + private final JwtProvider jwtProvider; + + public Long getUserIdFromJwt(String token) { + Claims claims = getClaim(token); + return Long.valueOf(claims.get(CLAIM_USER_ID).toString()); + } + + public JwtValidationType validateJWT(String token) { + try { + final Claims claims = getClaim(token); + return JwtValidationType.VALID_TOKEN; + } catch (MalformedJwtException ex) { + return JwtValidationType.INVALID_TOKEN; + } catch (ExpiredJwtException ex) { + return JwtValidationType.EXPIRED_TOKEN; + } catch (UnsupportedJwtException ex) { + return JwtValidationType.UNSUPPORTED_TOKEN; + } catch (IllegalArgumentException ex) { + return JwtValidationType.EMPTY_TOKEN; + } + } + + private Claims getClaim(final String token) { + return Jwts.parserBuilder() + .setSigningKey(jwtProvider.getSigningKey()) + .build() + .parseClaimsJws(token) + .getBody(); + } + + public String getTokenTypeFromJwt(String token) { + Claims claims = getClaim(token); + return claims.getSubject(); + } +} From 4f99b2bcfa61793cc7cd7a3aaf860e4df4d44ecb Mon Sep 17 00:00:00 2001 
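Review bot: `validateJWT` in the new `JWTUtil` has no handler for a failed signature check, and no branch returns `JwtValidationType.INVALID_SIGNATURE`. With the jjwt parser, a token whose signature does not verify raises `io.jsonwebtoken.security.SignatureException`, which none of the four catch clauses cover, so it propagates to the caller instead of mapping to a validation result. Add `} catch (SignatureException ex) { return JwtValidationType.INVALID_SIGNATURE; }`, or a final `catch (JwtException ex)` returning `INVALID_TOKEN`, so that every parser rejection ends in a non-valid result. Separately, `getUserIdFromJwt` dereferences `claims.get(CLAIM_USER_ID)` without a null check, so a correctly signed token that lacks the claim ends in a `NullPointerException`.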
From: Kim-TaeUk Date: Mon, 9 Sep 2024 16:06:55 +0900 Subject: [PATCH 42/79] =?UTF-8?q?[FIX]=20CLAIM=5FUSER=5FID=EC=99=80=20getS?= =?UTF-8?q?igningKey()=EB=A5=BC=20JWTUtil=EC=97=90=EC=84=9C=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=ED=95=A0=20=EC=88=98=20=EC=9E=88=EB=8F=84=EB=A1=9D=20?= =?UTF-8?q?=EC=A0=91=EA=B7=BC=EC=9E=90=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit from private to protected --- .../java/org/websoso/WSSServer/config/jwt/JwtProvider.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java index 39f33c97..b5633c94 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtProvider.java @@ -19,7 +19,7 @@ @RequiredArgsConstructor public class JwtProvider { - private static final String CLAIM_USER_ID = "userId"; + protected static final String CLAIM_USER_ID = "userId"; @Value("${jwt.secret}") private String JWT_SECRET_KEY; @@ -62,7 +62,7 @@ private Claims generateClaims(Authentication authentication, Long expirationTime return claims; } - private SecretKey getSigningKey() { + protected SecretKey getSigningKey() { return Keys.hmacShaKeyFor(JWT_SECRET_KEY.getBytes()); } } From 1fd08c530577d692438de98a6b3a03ed82e17958 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 16:35:46 +0900 Subject: [PATCH 43/79] =?UTF-8?q?[FEAT]=20AuthService=EC=97=90=EC=84=9C=20?= =?UTF-8?q?JWTUtil=20=EC=9D=98=EC=A1=B4=EC=84=B1=20=EC=A3=BC=EC=9E=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 2 ++ 1 file changed, 2 insertions(+) 
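Review bot: `getSigningKey()` in `JwtProvider` is widened to `protected`, which exposes the HMAC signing key to subclasses in any package as well as to the whole `config.jwt` package. `JWTUtil` lives in that same package, so package-private access is enough: `SecretKey getSigningKey() {`, and likewise `static final String CLAIM_USER_ID = "userId";` in the first hunk. On the context line, `JWT_SECRET_KEY.getBytes()` uses the platform default charset; `JWT_SECRET_KEY.getBytes(StandardCharsets.UTF_8)` keeps the derived key identical across hosts (the `StandardCharsets` import appears in an earlier hunk of this file). The class body continues outside both hunks.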
diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index 04804e45..81427f62 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -6,6 +6,7 @@ import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import org.websoso.WSSServer.config.jwt.JWTUtil; import org.websoso.WSSServer.config.jwt.JwtProvider; import org.websoso.WSSServer.config.jwt.JwtValidationType; import org.websoso.WSSServer.config.jwt.UserAuthentication; @@ -18,6 +19,7 @@ public class AuthService { private final JwtProvider jwtProvider; + private final JWTUtil jwtUtil; public ReissueResponse reissue(String refreshToken) { JwtValidationType validationResult = jwtProvider.validateJWT(refreshToken); From 7fa2966d3f00a5ee85b12963d6fa6521eeebf804 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 16:46:15 +0900 Subject: [PATCH 44/79] =?UTF-8?q?[FEAT]=20JwtAuthenticationFilter=EC=97=90?= =?UTF-8?q?=EC=84=9C=20JWTUtil=20=EC=9D=98=EC=A1=B4=EC=84=B1=20=EC=A3=BC?= =?UTF-8?q?=EC=9E=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 7173b688..3af142b4 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java 
@@ -25,6 +25,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { private final static String TOKEN_PREFIX = "Bearer "; private final JwtProvider jwtProvider; + private final JWTUtil jwtUtil; @Override protected void doFilterInternal(@NonNull HttpServletRequest request, From 270c9bbe8ae8e681b7e61827802c23a6b14ac1de Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 9 Sep 2024 16:46:35 +0900 Subject: [PATCH 45/79] =?UTF-8?q?[REFACTOR]=20=ED=86=A0=ED=81=B0=20?= =?UTF-8?q?=EA=B2=80=EC=A6=9D=20=EB=B0=8F=20=EC=A0=95=EB=B3=B4=20=EC=B6=94?= =?UTF-8?q?=EC=B6=9C=20=EB=A1=9C=EC=A7=81=20jwtUtil=EC=97=90=20=EC=9D=98?= =?UTF-8?q?=EC=A1=B4=ED=95=98=EB=8F=84=EB=A1=9D=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/config/jwt/JwtAuthenticationFilter.java | 4 ++-- .../java/org/websoso/WSSServer/service/AuthService.java | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 3af142b4..233740c6 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java 
@@ -33,9 +33,9 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull FilterChain filterChain) throws ServletException, IOException { try { final String token = getJwtFromRequest(request); - final JwtValidationType validationResult = jwtProvider.validateJWT(token); + final JwtValidationType validationResult = jwtUtil.validateJWT(token); if (validationResult == VALID_TOKEN) { - Long memberId = jwtProvider.getUserIdFromJwt(token); + Long memberId = jwtUtil.getUserIdFromJwt(token); UserAuthentication authentication = new UserAuthentication(memberId.toString(), null, null); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authentication); diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index 81427f62..4d78b866 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -22,11 +22,11 @@ public class AuthService { private final JWTUtil jwtUtil; public ReissueResponse reissue(String refreshToken) { - JwtValidationType validationResult = jwtProvider.validateJWT(refreshToken); - String tokenType = jwtProvider.getTokenTypeFromJwt(refreshToken); + JwtValidationType validationResult = jwtUtil.validateJWT(refreshToken); + String tokenType = jwtUtil.getTokenTypeFromJwt(refreshToken); if ("refresh".equals(tokenType)) { if (validationResult == JwtValidationType.VALID_TOKEN) { - Long userId = jwtProvider.getUserIdFromJwt(refreshToken); + Long userId = jwtUtil.getUserIdFromJwt(refreshToken); UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); From 94b20cc869b04a1ab2f832df112706b0c30baeec Mon Sep 17 00:00:00 2001 
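Review bot: In `JwtAuthenticationFilter.doFilterInternal`, any token for which `jwtUtil.validateJWT(token)` returns `VALID_TOKEN` becomes an authenticated `UserAuthentication`, with no check of what kind of token it is. Refresh tokens are signed with the same key and, going by `reissue`, carry the same `userId` claim, so a longer-lived refresh token sent as a Bearer token would presumably authenticate ordinary requests. Gate the branch on the type as well, e.g. `if (validationResult == VALID_TOKEN && !"refresh".equals(jwtUtil.getTokenTypeFromJwt(token))) {`. The method body starts and ends outside the hunk.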
From: Kim-TaeUk Date: Mon, 9 Sep 2024 16:47:01 +0900 Subject: [PATCH 46/79] =?UTF-8?q?[REMOVE]=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20JwtProvider=20=EC=9D=98?= =?UTF-8?q?=EC=A1=B4=EC=84=B1=20=EC=82=AD=EC=A0=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 233740c6..f20ae9e9 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -24,7 +24,6 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { private final static String TOKEN_PREFIX = "Bearer "; - private final JwtProvider jwtProvider; private final JWTUtil jwtUtil; @Override From ddf949c67aa8f227e946d2d46cda3aa58360722f Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 10 Sep 2024 13:35:37 +0900 Subject: [PATCH 47/79] =?UTF-8?q?[FEAT]=20=EC=98=A8=EB=B3=B4=EB=94=A9=20?= =?UTF-8?q?=EC=A7=84=ED=96=89=20=EC=97=AC=EB=B6=80=20=EC=B2=B4=ED=81=AC=20?= =?UTF-8?q?=EB=B3=80=EC=88=98=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/oauth2/CustomAuthenticationSuccessHandler.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java index edbfde64..d48fe540 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java 
@@ -31,6 +31,8 @@ public void onAuthenticationSuccess(HttpServletRequest request, String accessToken = jwtProvider.generateAccessToken(userAuthentication); String refreshToken = jwtProvider.generateRefreshToken(userAuthentication); + boolean isRegister = !user.getNickname().contains("*"); + response.setContentType("application/json"); response.setStatus(HttpServletResponse.SC_OK); response.getWriter() From aa7e7facf7a960db50df3bc45c5fe1424a349faf Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 10 Sep 2024 13:36:19 +0900 Subject: [PATCH 48/79] =?UTF-8?q?[FEAT]=20=EC=9D=91=EB=8B=B5=EC=97=90=20is?= =?UTF-8?q?Register=20=ED=94=84=EB=A1=9C=ED=8D=BC=ED=8B=B0=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/oauth2/CustomAuthenticationSuccessHandler.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java index d48fe540..aa9392d7 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java @@ -36,6 +36,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, response.setContentType("application/json"); response.setStatus(HttpServletResponse.SC_OK); response.getWriter() - .write("{\"Authorization\": \"" + accessToken + "\", \"refreshToken\": \"" + refreshToken + "\"}"); + .write(String.format("{\"Authorization\": \"%s\", \"refreshToken\": \"%s\", \"isRegister\": %s}", + accessToken, refreshToken, isRegister)); } } From abfa7a0228e01497f974e48f4537655853dc6eab Mon Sep 17 00:00:00 2001 
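Review bot: `isRegister` in `onAuthenticationSuccess` is computed as `!user.getNickname().contains("*")`, which ties onboarding state to a character in a display name, and nothing in the hunk explains the convention. If a finished profile can ever contain `*`, the flag is wrong; if `getNickname()` can return null, the handler throws after both tokens have already been generated. At minimum, document the rule next to the line, e.g. `// nicknames still containing '*' are treated as not yet onboarded (confirm against sign-up code)`, and preferably read an explicit flag from `User`. The method continues outside the hunk.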
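Review bot: The response that carries both tokens is written without any cache directive, and the JSON is still assembled by hand with `String.format`. Add `response.setHeader("Cache-Control", "no-store");` before `getWriter()` so that intermediaries and client caches do not retain the token pair, and set the encoding explicitly with `response.setCharacterEncoding("UTF-8");`. Serialising a small DTO or `Map` with the application's JSON mapper would also remove the need to reason about escaping if a non-JWT field is added later.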
From: Kim-TaeUk Date: Tue, 10 Sep 2024 23:49:19 +0900 Subject: [PATCH 49/79] =?UTF-8?q?[CHORE]=20lettuce=20=EC=9D=98=EC=A1=B4?= =?UTF-8?q?=EC=84=B1=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 3 +++ 1 file changed, 3 insertions(+) diff --git a/build.gradle b/build.gradle index f17a5264..f7e82049 100644 --- a/build.gradle +++ b/build.gradle @@ -61,6 +61,9 @@ dependencies { //spring boot oauth2 implementation 'org.springframework.boot:spring-boot-starter-oauth2-client' + + // Lettuce for Java Redis client + implementation 'io.lettuce:lettuce-core:6.3.2.RELEASE' } tasks.named('test') { From d6d4fe7edf54d46d72033019a3cab6ec58d0ceb9 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 10 Sep 2024 23:49:32 +0900 Subject: [PATCH 50/79] =?UTF-8?q?[CHORE]=20spring-data-redis=20=EC=9D=98?= =?UTF-8?q?=EC=A1=B4=EC=84=B1=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 3 +++ 1 file changed, 3 insertions(+) diff --git a/build.gradle b/build.gradle index f7e82049..88adb394 100644 --- a/build.gradle +++ b/build.gradle @@ -64,6 +64,9 @@ dependencies { // Lettuce for Java Redis client implementation 'io.lettuce:lettuce-core:6.3.2.RELEASE' + + // spring data redis + implementation 'org.springframework.data:spring-data-redis:3.3.2' } tasks.named('test') { From 7cf8a1abffeb4a4f8bf5da223df3f5c7a18b7f95 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 10 Sep 2024 23:50:13 +0900 Subject: [PATCH 51/79] =?UTF-8?q?[FEAT]=20RefreshToken=20=EC=97=94?= =?UTF-8?q?=ED=8B=B0=ED=8B=B0=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/domain/RefreshToken.java | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/domain/RefreshToken.java 
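Review bot: Both Redis dependencies are pinned to explicit versions (`io.lettuce:lettuce-core:6.3.2.RELEASE` here and `org.springframework.data:spring-data-redis:3.3.2` in the following patch), while the neighbouring `spring-boot-starter-oauth2-client` line relies on Spring Boot's dependency management. Hand-pinned versions can drift from the set the Boot release was tested with, and they will not move to patched releases when Boot is upgraded. A single `implementation 'org.springframework.boot:spring-boot-starter-data-redis'` brings in Spring Data Redis and Lettuce at managed versions, along with the auto-configured connection factory.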
diff --git a/src/main/java/org/websoso/WSSServer/domain/RefreshToken.java b/src/main/java/org/websoso/WSSServer/domain/RefreshToken.java new file mode 100644 index 00000000..729b415d --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/domain/RefreshToken.java @@ -0,0 +1,17 @@ +package org.websoso.WSSServer.domain; + +import lombok.AllArgsConstructor; +import lombok.Getter; +import org.springframework.data.annotation.Id; +import org.springframework.data.redis.core.RedisHash; + +@Getter +@AllArgsConstructor +@RedisHash(value = "refreshToken") +public class RefreshToken { + + @Id + private String refreshToken; + + private Long userId; +} From 99c061825801b46d9edb4b5aac7950bfeca89249 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 10 Sep 2024 23:52:16 +0900 Subject: [PATCH 52/79] =?UTF-8?q?[FEAT]=20RefreshTokenRepository=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/repository/RefreshTokenRepository.java | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/repository/RefreshTokenRepository.java diff --git a/src/main/java/org/websoso/WSSServer/repository/RefreshTokenRepository.java b/src/main/java/org/websoso/WSSServer/repository/RefreshTokenRepository.java new file mode 100644 index 00000000..77ed9566 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/repository/RefreshTokenRepository.java @@ -0,0 +1,10 @@ +package org.websoso.WSSServer.repository; + +import java.util.Optional; +import org.springframework.data.repository.CrudRepository; +import org.websoso.WSSServer.domain.RefreshToken; + +public interface RefreshTokenRepository extends CrudRepository { + + Optional findByRefreshToken(String refreshToken); +} From 73fa63a3b47cdd475a4def94fb0f14b7b162fece Mon Sep 17 00:00:00 2001 
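Review bot: `RefreshToken` uses the raw refresh token string as the Redis `@Id`, so read access to the Redis instance, or to a dump of it, yields tokens that can be presented to `reissue` as they are. Storing a digest as the key keeps the lookup exact while leaving only non-replayable values at rest; for example, use the hex SHA-256 of the token, computed in one helper shared by the save and the lookup. `userId` is also not annotated `@Indexed`, so finding and revoking all tokens of one user would require a scan; add `@Indexed private Long userId;` if per-user revocation is wanted.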
From: Kim-TaeUk Date: Tue, 10 Sep 2024 23:53:33 +0900 Subject: [PATCH 53/79] =?UTF-8?q?[FEAT]=20CustomAuthenticationSuccessHandl?= =?UTF-8?q?er=EC=97=90=20refreshTokenRepository=20=EC=9D=98=EC=A1=B4?= =?UTF-8?q?=EA=B4=80=EA=B3=84=20=EC=A3=BC=EC=9E=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/oauth2/CustomAuthenticationSuccessHandler.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java index aa9392d7..048b3c74 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java @@ -11,6 +11,7 @@ import org.websoso.WSSServer.config.jwt.UserAuthentication; import org.websoso.WSSServer.domain.User; import org.websoso.WSSServer.oauth2.dto.CustomOAuth2User; +import org.websoso.WSSServer.repository.RefreshTokenRepository; import org.websoso.WSSServer.repository.UserRepository; @Component @@ -19,6 +20,7 @@ public class CustomAuthenticationSuccessHandler extends SimpleUrlAuthenticationS private final JwtProvider jwtProvider; private final UserRepository userRepository; + private final RefreshTokenRepository refreshTokenRepository; @Override public void onAuthenticationSuccess(HttpServletRequest request, From 50c7d5494dea2c20f988291d5d84b1a52d71f7af Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Tue, 10 Sep 2024 23:53:58 +0900 Subject: [PATCH 54/79] =?UTF-8?q?[FEAT]=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?= =?UTF-8?q?=EC=84=B1=EA=B3=B5=20=EC=8B=9C=20=EB=B0=9C=EA=B8=89=ED=95=98?= =?UTF-8?q?=EB=8A=94=20refresh=20token=20redis=EC=97=90=20=EC=A0=80?= =?UTF-8?q?=EC=9E=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/oauth2/CustomAuthenticationSuccessHandler.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java index 048b3c74..44c74c1e 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/CustomAuthenticationSuccessHandler.java @@ -9,6 +9,7 @@ import org.springframework.stereotype.Component; import org.websoso.WSSServer.config.jwt.JwtProvider; import org.websoso.WSSServer.config.jwt.UserAuthentication; +import org.websoso.WSSServer.domain.RefreshToken; import org.websoso.WSSServer.domain.User; import org.websoso.WSSServer.oauth2.dto.CustomOAuth2User; import org.websoso.WSSServer.repository.RefreshTokenRepository; @@ -33,6 +34,9 @@ public void onAuthenticationSuccess(HttpServletRequest request, String accessToken = jwtProvider.generateAccessToken(userAuthentication); String refreshToken = jwtProvider.generateRefreshToken(userAuthentication); + RefreshToken redisRefreshToken = new RefreshToken(refreshToken, user.getUserId()); + refreshTokenRepository.save(redisRefreshToken); + boolean isRegister = !user.getNickname().contains("*"); response.setContentType("application/json"); From 6a9676f4add943a10857e7d929bac325bdd1fba4 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Tue, 10 Sep 2024 23:54:52 +0900 Subject: [PATCH 55/79] =?UTF-8?q?[FEAT]=20AuthService=EC=97=90=20refreshTo?= =?UTF-8?q?kenRepository=20=EC=9D=98=EC=A1=B4=EA=B4=80=EA=B3=84=20?= =?UTF-8?q?=EC=A3=BC=EC=9E=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index 4d78b866..aae2d72d 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -12,6 +12,7 @@ import org.websoso.WSSServer.config.jwt.UserAuthentication; import org.websoso.WSSServer.dto.auth.ReissueResponse; import org.websoso.WSSServer.exception.exception.CustomAuthException; +import org.websoso.WSSServer.repository.RefreshTokenRepository; @Service @RequiredArgsConstructor @@ -20,6 +21,7 @@ public class AuthService { private final JwtProvider jwtProvider; private final JWTUtil jwtUtil; + private final RefreshTokenRepository refreshTokenRepository; public ReissueResponse reissue(String refreshToken) { JwtValidationType validationResult = jwtUtil.validateJWT(refreshToken); From 0f9620dfd9632d1c706fe8417c0de0f3c99daafe Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Wed, 11 Sep 2024 01:43:31 +0900 Subject: [PATCH 56/79] =?UTF-8?q?[FEAT]=20Application=20=ED=81=B4=EB=9E=98?= =?UTF-8?q?=EC=8A=A4=EC=97=90=20@EnableRedisRepositories=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/WssServerApplication.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/WssServerApplication.java b/src/main/java/org/websoso/WSSServer/WssServerApplication.java index 56df6e90..16b89744 100644 
--- a/src/main/java/org/websoso/WSSServer/WssServerApplication.java +++ b/src/main/java/org/websoso/WSSServer/WssServerApplication.java @@ -2,9 +2,11 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.data.redis.repository.configuration.EnableRedisRepositories; import org.springframework.scheduling.annotation.EnableScheduling; @EnableScheduling +@EnableRedisRepositories @SpringBootApplication public class WssServerApplication { From 2cafece1960863b4d5258a0cea3299dde36bea0e Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Wed, 11 Sep 2024 01:43:56 +0900 Subject: [PATCH 57/79] =?UTF-8?q?[STYLE]=20=EC=BD=94=EB=93=9C=20=ED=8F=AC?= =?UTF-8?q?=EB=A7=B7=ED=8C=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/WssServerApplication.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/WssServerApplication.java b/src/main/java/org/websoso/WSSServer/WssServerApplication.java index 16b89744..45e78f6e 100644 --- a/src/main/java/org/websoso/WSSServer/WssServerApplication.java +++ b/src/main/java/org/websoso/WSSServer/WssServerApplication.java @@ -10,7 +10,7 @@ @SpringBootApplication public class WssServerApplication { - public static void main(String[] args) { - SpringApplication.run(WssServerApplication.class, args); - } + public static void main(String[] args) { + SpringApplication.run(WssServerApplication.class, args); + } } From 6feefe64e8e51f64e915880cce8c103545487929 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Wed, 11 Sep 2024 01:45:12 +0900 Subject: [PATCH 58/79] =?UTF-8?q?[FEAT]=20refresh=20token=EC=9C=BC?= =?UTF-8?q?=EB=A1=9C=20issue=20=EC=8B=9C,=20=EC=84=9C=EB=B2=84=20=EC=B8=A1?= =?UTF-8?q?=EC=97=90=EC=84=9C=20=EC=A0=80=EC=9E=A5=20=EC=97=AC=EB=B6=80=20?= =?UTF-8?q?=ED=99=95=EC=9D=B8=20=EB=A1=9C=EC=A7=81=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 만료기간이 지난 refresh token인 경우 서버 측에서 저장하지 않음 --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index aae2d72d..c1adc465 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -1,6 +1,7 @@ package org.websoso.WSSServer.service; import static org.websoso.WSSServer.exception.error.CustomAuthError.EXPIRED_REFRESH_TOKEN; +import static org.websoso.WSSServer.exception.error.CustomAuthError.INVALID_REFRESH_TOKEN; import static org.websoso.WSSServer.exception.error.CustomAuthError.INVALID_TOKEN; import lombok.RequiredArgsConstructor; @@ -10,6 +11,7 @@ import org.websoso.WSSServer.config.jwt.JwtProvider; import org.websoso.WSSServer.config.jwt.JwtValidationType; import org.websoso.WSSServer.config.jwt.UserAuthentication; +import org.websoso.WSSServer.domain.RefreshToken; import org.websoso.WSSServer.dto.auth.ReissueResponse; import org.websoso.WSSServer.exception.exception.CustomAuthException; import org.websoso.WSSServer.repository.RefreshTokenRepository; 
@@ -24,6 +26,9 @@ public class AuthService { private final RefreshTokenRepository refreshTokenRepository; public ReissueResponse reissue(String refreshToken) { + RefreshToken storedRefreshToken = refreshTokenRepository.findByRefreshToken(refreshToken) + .orElseThrow(() -> new CustomAuthException(INVALID_REFRESH_TOKEN, "given refresh token is invalid")); + JwtValidationType validationResult = jwtUtil.validateJWT(refreshToken); String tokenType = jwtUtil.getTokenTypeFromJwt(refreshToken); if ("refresh".equals(tokenType)) { From 216aa3e98a75e16c40f7c80e6e9c9b51af012236 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Wed, 11 Sep 2024 01:45:56 +0900 Subject: [PATCH 59/79] =?UTF-8?q?[FEAT]=20reissue=EC=8B=9C=20RTR?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index c1adc465..e933fda6 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -37,6 +37,10 @@ public ReissueResponse reissue(String refreshToken) { UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); + + refreshTokenRepository.delete(storedRefreshToken); + refreshTokenRepository.save(new RefreshToken(newRefreshToken, userId)); + return ReissueResponse.of(newAccessToken, newRefreshToken); } else if (validationResult == JwtValidationType.EXPIRED_TOKEN) { throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); From 54646a1554cbaf49278c3cdb7b44c16e673d9340 Mon Sep 17 00:00:00 2001 
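Review bot: The rotation added to `reissue` is a lookup followed by a separate `delete` and `save`, so two concurrent requests presenting the same refresh token can both pass `findByRefreshToken` before either delete runs, and each receives its own valid token pair. A token that is no longer stored is answered only with `INVALID_REFRESH_TOKEN`; reuse of an already rotated token is not treated as a signal to revoke the tokens issued from it. Consider making the consume step atomic (a single Redis delete whose result decides whether to continue) and, at the least, record the limitation next to the code: `// delete+save is not atomic: concurrent reissue with one token can mint two pairs`. The method body continues outside the hunk.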
From: Kim-TaeUk Date: Wed, 11 Sep 2024 01:47:17 +0900 Subject: [PATCH 60/79] =?UTF-8?q?[FIX]=20token=20type=20=ED=99=95=EC=9D=B8?= =?UTF-8?q?=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 서버 측 redis에서 확인하기 때문에 token type 확인할 필요 없음, 유효기간 지난 refresh일 경우 exception이 터지기도 함 --- .../WSSServer/service/AuthService.java | 28 +++++++++---------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index e933fda6..fc4f659c 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java 
@@ -30,21 +30,19 @@ public ReissueResponse reissue(String refreshToken) { .orElseThrow(() -> new CustomAuthException(INVALID_REFRESH_TOKEN, "given refresh token is invalid")); JwtValidationType validationResult = jwtUtil.validateJWT(refreshToken); - String tokenType = jwtUtil.getTokenTypeFromJwt(refreshToken); - if ("refresh".equals(tokenType)) { - if (validationResult == JwtValidationType.VALID_TOKEN) { - Long userId = jwtUtil.getUserIdFromJwt(refreshToken); - UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); - String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); - String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); - - refreshTokenRepository.delete(storedRefreshToken); - refreshTokenRepository.save(new RefreshToken(newRefreshToken, userId)); - - return ReissueResponse.of(newAccessToken, newRefreshToken); - } else if (validationResult == JwtValidationType.EXPIRED_TOKEN) { - throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); - } + + if (validationResult == JwtValidationType.VALID_TOKEN) { + Long userId = jwtUtil.getUserIdFromJwt(refreshToken); + UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); + String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); + String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); + + refreshTokenRepository.delete(storedRefreshToken); + refreshTokenRepository.save(new RefreshToken(newRefreshToken, userId)); + + return ReissueResponse.of(newAccessToken, newRefreshToken); + } else if (validationResult == JwtValidationType.EXPIRED_TOKEN) { + throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); } throw new CustomAuthException(INVALID_TOKEN, "given token is invalid token."); } From 241e57e1e9dfbc5b914d47130daafb8e4f4cbdae Mon Sep 17 00:00:00 2001 
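Review bot: After this change the new token pair is issued for the `userId` parsed from the presented JWT, while `storedRefreshToken.getUserId()` is never read, so the server-side record only proves that the string exists in Redis. Binding the two is a cheap defence-in-depth check: `if (!userId.equals(storedRefreshToken.getUserId())) throw new CustomAuthException(INVALID_REFRESH_TOKEN, "given refresh token is invalid");`. The `EXPIRED_TOKEN` branch also leaves the stored entry in place; calling `refreshTokenRepository.delete(storedRefreshToken);` before the throw would remove it.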
From: Kim-TaeUk Date: Wed, 11 Sep 2024 01:48:27 +0900 Subject: [PATCH 61/79] =?UTF-8?q?[FEAT]=20=EB=A7=8C=EB=A3=8C=EB=90=9C=20re?= =?UTF-8?q?fresh=EC=9D=BC=20=EB=95=8C=20=EB=B0=9C=EC=83=9D=ED=95=98?= =?UTF-8?q?=EB=8A=94=20=EC=97=90=EB=9F=AC=20=EC=A0=95=EC=9D=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit INVALID_REFRESH_TOKEN --- .../org/websoso/WSSServer/exception/error/CustomAuthError.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java index 080dc217..1f3f5413 100644 --- a/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java +++ b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java @@ -12,7 +12,8 @@ public enum CustomAuthError implements ICustomError { EXPIRED_REFRESH_TOKEN("AUTH-001", "만료된 리프레시 토큰입니다.", UNAUTHORIZED), - INVALID_TOKEN("AUTH-002", "유효하지 않은 토큰입니다.", UNAUTHORIZED); + INVALID_TOKEN("AUTH-002", "유효하지 않은 토큰입니다.", UNAUTHORIZED), + INVALID_REFRESH_TOKEN("AUTH-003", "등록되지 않은 리프레시 토큰입니다.", UNAUTHORIZED); private final String code; private final String description; From 366b1971728c60da547f1db0b7150e7c101cbb4c Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Wed, 11 Sep 2024 01:49:41 +0900 Subject: [PATCH 62/79] =?UTF-8?q?[REMOVE]=20=ED=86=A0=ED=81=B0=20=ED=83=80?= =?UTF-8?q?=EC=9E=85=20=ED=99=95=EC=9D=B8=ED=95=98=EB=8A=94=20=EB=A9=94?= =?UTF-8?q?=EC=84=9C=EB=93=9C=20=EC=A0=9C=EA=B1=B0=20-=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=ED=95=98=EC=A7=80=20=EC=95=8A=EC=9D=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java | 5 ----- 1 file changed, 5 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java index ec0ebd3e..740d76d0 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java @@ -43,9 +43,4 @@ private Claims getClaim(final String token) { .parseClaimsJws(token) .getBody(); } - - public String getTokenTypeFromJwt(String token) { - Claims claims = getClaim(token); - return claims.getSubject(); - } } From 321299f084adb132b5b397147d5420225df5cf39 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Wed, 11 Sep 2024 02:34:40 +0900 Subject: [PATCH 63/79] =?UTF-8?q?[FIX]=20hash=20=EB=8D=B0=EC=9D=B4?= =?UTF-8?q?=ED=84=B0=20TTL=20=EB=A7=8C=EB=A3=8C=20=EC=8B=9C,=20set=20?= =?UTF-8?q?=EB=8D=B0=EC=9D=B4=ED=84=B0=EB=8F=84=20=EC=82=AD=EC=A0=9C?= =?UTF-8?q?=EB=90=98=EB=8F=84=EB=A1=9D=20Redis=20keyspace=20=EC=9D=B4?= =?UTF-8?q?=EB=B2=A4=ED=8A=B8=20=ED=99=9C=EC=84=B1=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/WssServerApplication.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/WssServerApplication.java b/src/main/java/org/websoso/WSSServer/WssServerApplication.java index 45e78f6e..1df1f21b 100644 --- a/src/main/java/org/websoso/WSSServer/WssServerApplication.java +++ b/src/main/java/org/websoso/WSSServer/WssServerApplication.java 
@@ -2,11 +2,12 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.data.redis.core.RedisKeyValueAdapter; import org.springframework.data.redis.repository.configuration.EnableRedisRepositories; import org.springframework.scheduling.annotation.EnableScheduling; @EnableScheduling -@EnableRedisRepositories +@EnableRedisRepositories(enableKeyspaceEvents = RedisKeyValueAdapter.EnableKeyspaceEvents.ON_STARTUP) @SpringBootApplication public class WssServerApplication { From cdb5388c9ee958d1f3178d24ae7bd661512d6a30 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Wed, 11 Sep 2024 02:37:38 +0900 Subject: [PATCH 64/79] =?UTF-8?q?[FEAT]=20refresh=20token=20TTL=20?= =?UTF-8?q?=EC=84=A4=EC=A0=95=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/domain/RefreshToken.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/domain/RefreshToken.java b/src/main/java/org/websoso/WSSServer/domain/RefreshToken.java index 729b415d..d81f3da1 100644 --- a/src/main/java/org/websoso/WSSServer/domain/RefreshToken.java +++ b/src/main/java/org/websoso/WSSServer/domain/RefreshToken.java @@ -7,7 +7,7 @@ @Getter @AllArgsConstructor -@RedisHash(value = "refreshToken") +@RedisHash(value = "refreshToken", timeToLive = 60 * 60 * 24 * 7 * 2) public class RefreshToken { @Id From e42e17ab25aa76724f899ac8c2635b10b1bfc650 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 14 Sep 2024 21:52:45 +0900 Subject: [PATCH 65/79] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20=EC=A3=BC=EC=84=9D=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/config/jwt/JwtValidationType.java | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) 
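Review bot: `EnableKeyspaceEvents.ON_STARTUP` on `@EnableRedisRepositories` in WssServerApplication.java makes the application try to switch on expiry notifications on the Redis server at startup when they are not already configured. The application's Redis account then needs permission to run CONFIG, and startup can fail on managed Redis services that block that command. If notifications are enabled on the server side instead, adding `keyspaceNotificationsConfigParameter = ""` stops Spring Data from issuing the CONFIG call and lets the application run with a less privileged account. Expiry events reach only listeners that are connected at that moment, so index entries for tokens that expire while no instance is running are presumably left behind; a comment above the annotation saying the cleanup is best-effort would help.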
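Review bot: The `timeToLive = 60 * 60 * 24 * 7 * 2` literal in `@RedisHash` on RefreshToken.java is an unexplained duration (the attribute is in seconds, so 14 days) that has to stay in step with the refresh-token lifetime the JWT provider writes into the token, which is not visible in this hunk. If the two drift, an entry can stay in Redis after its JWT has expired, or disappear while the JWT is still valid. I would add a comment such as `// 14 days in seconds; must equal the refresh JWT lifetime`, or move the value to a constant shared with the provider.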
diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java index fdb21c9b..0cbef84f 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java @@ -1,10 +1,10 @@ package org.websoso.WSSServer.config.jwt; public enum JwtValidationType { - VALID_TOKEN, // 유효한 JWT - INVALID_SIGNATURE, // 유효하지 않은 서명 - INVALID_TOKEN, // 유효하지 않은 토큰 - EXPIRED_TOKEN, // 만료된 토큰 - UNSUPPORTED_TOKEN, // 지원하지 않는 형식의 토큰 - EMPTY_TOKEN // 빈 JWT + VALID_TOKEN, + INVALID_SIGNATURE, + INVALID_TOKEN, + EXPIRED_TOKEN, + UNSUPPORTED_TOKEN, + EMPTY_TOKEN } From 516f1c9eeea4a2f57aa8216383304261b5051788 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 14 Sep 2024 21:55:53 +0900 Subject: [PATCH 66/79] =?UTF-8?q?[FIX]=20=ED=95=84=ED=84=B0=EC=97=90?= =?UTF-8?q?=EC=84=9C=20=EC=B2=B4=ED=81=AC=20-=20valid=ED=95=9C=20access=20?= =?UTF-8?q?token=EC=9D=BC=20=EA=B2=BD=EC=9A=B0=EB=A1=9C=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit valid한 token인 경우 -> valid한 access인 경우 --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index f20ae9e9..19aeb55f 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java 
@@ -1,7 +1,7 @@ package org.websoso.WSSServer.config.jwt; import static org.websoso.WSSServer.config.jwt.JwtValidationType.EXPIRED_TOKEN; -import static org.websoso.WSSServer.config.jwt.JwtValidationType.VALID_TOKEN; +import static org.websoso.WSSServer.config.jwt.JwtValidationType.VALID_ACCESS; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; @@ -33,7 +33,7 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, try { final String token = getJwtFromRequest(request); final JwtValidationType validationResult = jwtUtil.validateJWT(token); - if (validationResult == VALID_TOKEN) { + if (validationResult == VALID_ACCESS) { Long memberId = jwtUtil.getUserIdFromJwt(token); UserAuthentication authentication = new UserAuthentication(memberId.toString(), null, null); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); From 43867dfc7bfed0dfdc146840f4f0a773a8f0ed62 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 14 Sep 2024 21:56:13 +0900 Subject: [PATCH 67/79] =?UTF-8?q?[FIX]=20JwtValidationType=20=EB=B6=84?= =?UTF-8?q?=EB=A5=98=20=EC=84=B8=EB=B6=84=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/config/jwt/JwtValidationType.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java index 0cbef84f..73270b09 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java @@ -1,8 +1,8 @@ package org.websoso.WSSServer.config.jwt; public enum JwtValidationType { - VALID_TOKEN, - INVALID_SIGNATURE, + VALID_ACCESS, + VALID_REFRESH, INVALID_TOKEN, EXPIRED_TOKEN, UNSUPPORTED_TOKEN, From 15a3d0f0cb77a57dbb5c68dc42fc5c44c6cd3ff6 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sat, 14 Sep 2024 21:57:00 +0900 Subject: [PATCH 68/79] =?UTF-8?q?[FIX]=20valid=ED=95=9C=20token=EC=9D=B8?= =?UTF-8?q?=20=EA=B2=BD=EC=9A=B0=20=EB=B6=84=EB=A5=98=20=EC=84=B8=EB=B6=84?= =?UTF-8?q?=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit valid한 access와 valid한 refresh 구분 --- src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java index 740d76d0..77748e09 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java @@ -24,7 +24,11 @@ public Long getUserIdFromJwt(String token) { public JwtValidationType validateJWT(String token) { try { final Claims claims = getClaim(token); - return JwtValidationType.VALID_TOKEN; + String tokenType = claims.getSubject(); + if (tokenType.equals("access")) { + return JwtValidationType.VALID_ACCESS; + } + return JwtValidationType.VALID_REFRESH; } catch (MalformedJwtException ex) { return JwtValidationType.INVALID_TOKEN; } catch (ExpiredJwtException ex) { From e0c32de79646ab6c83c35401d3f9e8dbed9154d3 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 14 Sep 2024 22:55:26 +0900 Subject: [PATCH 69/79] =?UTF-8?q?[FIX]=20JwtValidationType=20=EB=B6=84?= =?UTF-8?q?=EB=A5=98=20=EC=84=B8=EB=B6=84=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/config/jwt/JwtValidationType.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java index 73270b09..ffcc462d 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java 
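Review bot: In `validateJWT` in JWTUtil.java, `tokenType.equals("access")` throws a NullPointerException for a correctly signed token that carries no subject, and every subject other than "access" is reported as `VALID_REFRESH`, so the refresh result is granted by default rather than by match. I would write `if ("access".equals(tokenType))`, compare the refresh case against the exact subject the provider sets for refresh tokens, and `return JwtValidationType.INVALID_TOKEN;` for anything else. The `ExpiredJwtException` branch added in PATCH 70/79 uses the same pattern on `ex.getClaims().getSubject()` and needs the same treatment. The catch chain continues outside the hunk, so whether a NullPointerException is handled further down cannot be seen here.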
+++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java @@ -4,7 +4,8 @@ public enum JwtValidationType { VALID_ACCESS, VALID_REFRESH, INVALID_TOKEN, - EXPIRED_TOKEN, + EXPIRED_ACCESS, + EXPIRED_REFRESH, UNSUPPORTED_TOKEN, EMPTY_TOKEN } From 194d7538acfe53ffc8203a5ea28986b01d8af530 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 14 Sep 2024 23:01:23 +0900 Subject: [PATCH 70/79] =?UTF-8?q?[FIX]=20expired=20token=EC=9D=B8=20?= =?UTF-8?q?=EA=B2=BD=EC=9A=B0=20=EB=B6=84=EB=A5=98=20=EC=84=B8=EB=B6=84?= =?UTF-8?q?=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit expired access와 expired refresh 구분 --- src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java index 77748e09..ffa3c1d9 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java @@ -32,7 +32,11 @@ public JwtValidationType validateJWT(String token) { } catch (MalformedJwtException ex) { return JwtValidationType.INVALID_TOKEN; } catch (ExpiredJwtException ex) { - return JwtValidationType.EXPIRED_TOKEN; + String tokenType = ex.getClaims().getSubject(); + if (tokenType.equals("access")) { + return JwtValidationType.EXPIRED_ACCESS; + } + return JwtValidationType.EXPIRED_REFRESH; } catch (UnsupportedJwtException ex) { return JwtValidationType.UNSUPPORTED_TOKEN; } catch (IllegalArgumentException ex) { From 9b10fee5d79193b04b641b4323f316f3e55fe021 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sat, 14 Sep 2024 23:03:18 +0900 Subject: [PATCH 71/79] =?UTF-8?q?[FIX]=20reissue=EC=8B=9C=20=EC=84=B1?= =?UTF-8?q?=EA=B3=B5=20=EC=A1=B0=EA=B1=B4=20=EB=B6=84=EB=A5=98=20=EC=84=B8?= =?UTF-8?q?=EB=B6=84=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit valid한 token이 아닌 valid한 refresh로 --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index fc4f659c..d32d573e 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -31,7 +31,7 @@ public ReissueResponse reissue(String refreshToken) { JwtValidationType validationResult = jwtUtil.validateJWT(refreshToken); - if (validationResult == JwtValidationType.VALID_TOKEN) { + if (validationResult == JwtValidationType.VALID_REFRESH) { Long userId = jwtUtil.getUserIdFromJwt(refreshToken); UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); From 5c2868e76fe2f55fc4d9f5aa7b9efd030716e581 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 14 Sep 2024 23:03:39 +0900 Subject: [PATCH 72/79] =?UTF-8?q?[FIX]=20reissue=EC=8B=9C=20=EB=A7=8C?= =?UTF-8?q?=EB=A3=8C=EB=90=9C=20refresh=EB=A1=9C=20=EB=B6=84=EB=A5=98=20?= =?UTF-8?q?=EC=84=B8=EB=B6=84=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index d32d573e..69f83d03 100644 
--- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -41,7 +41,7 @@ public ReissueResponse reissue(String refreshToken) { refreshTokenRepository.save(new RefreshToken(newRefreshToken, userId)); return ReissueResponse.of(newAccessToken, newRefreshToken); - } else if (validationResult == JwtValidationType.EXPIRED_TOKEN) { + } else if (validationResult == JwtValidationType.EXPIRED_REFRESH) { throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); } throw new CustomAuthException(INVALID_TOKEN, "given token is invalid token."); From 2439cddc767eccacbee7e8cc580dcc31b85d5c00 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 14 Sep 2024 23:04:14 +0900 Subject: [PATCH 73/79] =?UTF-8?q?[FIX]=20=EC=9D=B8=EC=A6=9D=20=EC=8B=9C=20?= =?UTF-8?q?=EB=A7=8C=EB=A3=8C=EB=90=9C=20access=EB=A1=9C=20=EB=B6=84?= =?UTF-8?q?=EB=A5=98=20=EC=84=B8=EB=B6=84=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 19aeb55f..2b2e889c 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -1,6 +1,6 @@ package org.websoso.WSSServer.config.jwt; -import static org.websoso.WSSServer.config.jwt.JwtValidationType.EXPIRED_TOKEN; +import static org.websoso.WSSServer.config.jwt.JwtValidationType.EXPIRED_ACCESS; import static org.websoso.WSSServer.config.jwt.JwtValidationType.VALID_ACCESS; import jakarta.servlet.FilterChain; 
@@ -38,7 +38,7 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, UserAuthentication authentication = new UserAuthentication(memberId.toString(), null, null); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authentication); - } else if (validationResult == EXPIRED_TOKEN) { + } else if (validationResult == EXPIRED_ACCESS) { handleExpiredAccessToken(request, response); return; } From 89869261f6d1ce2e46505c10ef2f2bce104c78b7 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 15 Sep 2024 00:30:57 +0900 Subject: [PATCH 74/79] =?UTF-8?q?[FIX]=20access=20=EB=A7=8C=EB=A3=8C=20?= =?UTF-8?q?=EC=8B=9C=20=EC=9D=91=EB=8B=B5=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 2b2e889c..61c9b818 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -64,6 +64,7 @@ private void handleExpiredAccessToken(HttpServletRequest request, HttpServletResponse response) throws IOException { response.setContentType("application/json"); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); - response.getWriter().write("{\"error\": \"Access Token Expired. Use Refresh Token to reissue.\"}"); + response.getWriter() + .write("{\"code\": \"AUTH-000\", \"message\": \"Access Token Expired. Use Refresh Token to reissue.\"}"); } } From 90a7cdf71ef44b514c75ab436ad78f5a094954dc Mon Sep 17 00:00:00 2001 
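Review bot: The body written in `handleExpiredAccessToken` hard-codes the code `AUTH-000` inside a hand-assembled JSON string, and that code has no entry in `CustomAuthError`, where the other `AUTH-` codes shown on this page are defined. A client or log rule built from the enum will not know this value, and the literal can drift from the format of the other error responses. I would add the code to `CustomAuthError`, serialize the response from it with the JSON mapper the project already uses, and set the character encoding on the response next to `setContentType`. The method signature begins outside the hunk.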
From: Kim-TaeUk Date: Sun, 15 Sep 2024 02:25:27 +0900 Subject: [PATCH 75/79] =?UTF-8?q?[REFACTOR]=20reissue=20=EC=98=88=EC=99=B8?= =?UTF-8?q?=20=EC=B2=98=EB=A6=AC=20=EA=B0=84=EC=86=8C=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/service/AuthService.java | 28 ++++++++----------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index 69f83d03..642437db 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -1,7 +1,5 @@ package org.websoso.WSSServer.service; -import static org.websoso.WSSServer.exception.error.CustomAuthError.EXPIRED_REFRESH_TOKEN; -import static org.websoso.WSSServer.exception.error.CustomAuthError.INVALID_REFRESH_TOKEN; import static org.websoso.WSSServer.exception.error.CustomAuthError.INVALID_TOKEN; import lombok.RequiredArgsConstructor; 
@@ -27,23 +25,21 @@ public class AuthService { public ReissueResponse reissue(String refreshToken) { RefreshToken storedRefreshToken = refreshTokenRepository.findByRefreshToken(refreshToken) - .orElseThrow(() -> new CustomAuthException(INVALID_REFRESH_TOKEN, "given refresh token is invalid")); + .orElseThrow(() -> new CustomAuthException(INVALID_TOKEN, "given token is invalid token for reissue")); - JwtValidationType validationResult = jwtUtil.validateJWT(refreshToken); + if (jwtUtil.validateJWT(refreshToken) != JwtValidationType.VALID_REFRESH) { + throw new CustomAuthException(INVALID_TOKEN, "given token is invalid token for reissue"); + } - if (validationResult == JwtValidationType.VALID_REFRESH) { - Long userId = jwtUtil.getUserIdFromJwt(refreshToken); - UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); - String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); - String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); + Long userId = jwtUtil.getUserIdFromJwt(refreshToken); + UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); + String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); + String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); - refreshTokenRepository.delete(storedRefreshToken); - refreshTokenRepository.save(new RefreshToken(newRefreshToken, userId)); + refreshTokenRepository.delete(storedRefreshToken); + refreshTokenRepository.save(new RefreshToken(newRefreshToken, userId)); + + return ReissueResponse.of(newAccessToken, newRefreshToken); - return ReissueResponse.of(newAccessToken, newRefreshToken); - } else if (validationResult == JwtValidationType.EXPIRED_REFRESH) { - throw new CustomAuthException(EXPIRED_REFRESH_TOKEN, "given token is expired refresh token."); - } - throw new CustomAuthException(INVALID_TOKEN, "given token is invalid token."); } } 
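Review bot: In `reissue` in AuthService.java the rotation is a lookup followed later by `refreshTokenRepository.delete(storedRefreshToken)` and `save(...)`, with nothing visible that makes the sequence atomic, so two requests presenting the same refresh token at the same moment can both pass `findByRefreshToken` and each receive a new token pair. Making the removal the gate, so that only the request that actually deleted the stored entry continues, closes that window. A token that is no longer stored is rejected before it is verified; verifying it in that branch and logging a validly signed but unknown refresh token together with its user id would surface reuse of an already rotated token.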
From d7c12a798c86908ae4a0867f655f6b13d6f22ee6 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 15 Sep 2024 02:25:43 +0900 Subject: [PATCH 76/79] =?UTF-8?q?[REMOVE]=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20CustomAuthError=20=EC=82=AD?= =?UTF-8?q?=EC=A0=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/exception/error/CustomAuthError.java | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java index 1f3f5413..c8225eb2 100644 --- a/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java +++ b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java @@ -11,9 +11,7 @@ @AllArgsConstructor public enum CustomAuthError implements ICustomError { - EXPIRED_REFRESH_TOKEN("AUTH-001", "만료된 리프레시 토큰입니다.", UNAUTHORIZED), - INVALID_TOKEN("AUTH-002", "유효하지 않은 토큰입니다.", UNAUTHORIZED), - INVALID_REFRESH_TOKEN("AUTH-003", "등록되지 않은 리프레시 토큰입니다.", UNAUTHORIZED); + INVALID_TOKEN("AUTH-001", "유효하지 않은 토큰입니다.", UNAUTHORIZED); private final String code; private final String description; From 113432798359273cbf2ee6dec97c94b446b2b775 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 15 Sep 2024 02:27:44 +0900 Subject: [PATCH 77/79] =?UTF-8?q?[REMOVE]=20=EC=9D=98=EB=AF=B8=20=EC=97=86?= =?UTF-8?q?=EB=8A=94=20=EA=B0=9C=ED=96=89=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/AuthService.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index 642437db..80767fc7 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java 
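Review bot: `INVALID_TOKEN` in CustomAuthError.java is renumbered from `AUTH-002` to `AUTH-001`, a code that until this change meant an expired refresh token, so any client that already branches on the code will read an invalid token as an expired one. Codes that have been returned to clients are safer retired than reassigned. If the old codes were ever released, I would keep `INVALID_TOKEN("AUTH-002", "유효하지 않은 토큰입니다.", UNAUTHORIZED);` and add a comment that `AUTH-001` and `AUTH-003` are no longer issued.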
+++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -40,6 +40,5 @@ public ReissueResponse reissue(String refreshToken) { refreshTokenRepository.save(new RefreshToken(newRefreshToken, userId)); return ReissueResponse.of(newAccessToken, newRefreshToken); - } } From 307e57961e5dc060d822873a66bd022813540703 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 20 Sep 2024 00:28:25 +0900 Subject: [PATCH 78/79] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20=EA=B0=9C=ED=96=89=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/exception/error/CustomAuthError.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java index c8225eb2..12deb475 100644 --- a/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java +++ b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthError.java @@ -17,4 +17,3 @@ public enum CustomAuthError implements ICustomError { private final String description; private final HttpStatus statusCode; } - From fe1a7583a78a1fc278c1e6f53991a8863dc02fbd Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 20 Sep 2024 16:35:35 +0900 Subject: [PATCH 79/79] =?UTF-8?q?[RENAME]=20memberId=EB=A5=BC=20userId?= =?UTF-8?q?=EB=A1=9C=20rename?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 61c9b818..5edf3d16 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java 
+++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -34,8 +34,8 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, final String token = getJwtFromRequest(request); final JwtValidationType validationResult = jwtUtil.validateJWT(token); if (validationResult == VALID_ACCESS) { - Long memberId = jwtUtil.getUserIdFromJwt(token); - UserAuthentication authentication = new UserAuthentication(memberId.toString(), null, null); + Long userId = jwtUtil.getUserIdFromJwt(token); + UserAuthentication authentication = new UserAuthentication(userId.toString(), null, null); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authentication); } else if (validationResult == EXPIRED_ACCESS) {